| Analysis Date | 2014-10-09 12:30:55 |
|---|---|
| MD5 | ac4bff7eb5413bc779736c1e2f890485 |
| SHA1 | 4ea0e36e3b6db3bd31b313b5d1170d64475ed6c4 |
Static Details:
Runtime Details:
| Screenshot |  |
|---|
Process
↳ C:\malware.exe
| Creates File | C:\Documents and Settings\Administrator\Local Settings\Temp\mjwhpkb1l7gdeltxtw4.exe |
|---|---|
| Creates File | C:\WINDOWS\system32\nfneisac\tst |
| Creates Process | C:\Documents and Settings\Administrator\Local Settings\Temp\mjwhpkb1l7gdeltxtw4.exe |
Process
↳ C:\Documents and Settings\Administrator\Local Settings\Temp\mjwhpkb1l7gdeltxtw4.exe
| Registry | HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Layer Video SPP Receiver Link-Layer Removal ➝ C:\WINDOWS\system32\csfuyufnnz.exe |
|---|---|
| Creates File | C:\WINDOWS\system32\drivers\etc\hosts |
| Creates File | C:\WINDOWS\system32\csfuyufnnz.exe |
| Creates File | C:\WINDOWS\system32\nfneisac\lck |
| Creates File | C:\WINDOWS\system32\nfneisac\tst |
| Creates File | C:\WINDOWS\system32\nfneisac\etc |
| Deletes File | C:\WINDOWS\system32\\drivers\etc\hosts |
| Creates Process | C:\WINDOWS\system32\csfuyufnnz.exe |
| Creates Service | Procedure Information Client IPsec Helper - C:\WINDOWS\system32\csfuyufnnz.exe |
Process
↳ C:\WINDOWS\system32\svchost.exe
Process
↳ Pid 808
Process
↳ Pid 860
Process
↳ C:\WINDOWS\System32\svchost.exe
| Registry | HKEY_LOCAL_MACHINE\Software\Microsoft\WBEM\CIMOM\List of event-active namespaces ➝ NULL |
|---|---|
| Creates File | PIPE\lsarpc |
| Creates File | C:\WINDOWS\system32\WBEM\Repository\$WinMgmt.CFG |
| Creates File | C:\WINDOWS\system32\WBEM\Logs\wbemess.log |
Process
↳ Pid 1128
Process
↳ C:\WINDOWS\system32\spoolsv.exe
| Registry | HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print\BeepEnabled ➝ NULL |
|---|---|
| Registry | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\Print\TypesSupported ➝ 7 |
| Registry | HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print\Printers\SymbolicLinkValue ➝ NULL |
| Registry | HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\DefaultSpoolDirectory ➝ C:\WINDOWS\System32\spool\PRINTERS\\x00 |
Process
↳ Pid 1188
Process
↳ C:\WINDOWS\system32\csfuyufnnz.exe
| Registry | HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center\FirewallDisableNotify ➝ 1 |
|---|---|
| Creates File | C:\WINDOWS\system32\nfneisac\run |
| Creates File | C:\WINDOWS\system32\nfneisac\rng |
| Creates File | C:\WINDOWS\system32\lrclycie.exe |
| Creates File | pipe\net\NtControlPipe10 |
| Creates File | \Device\Afd\Endpoint |
| Creates File | C:\WINDOWS\system32\nfneisac\cfg |
| Creates File | C:\WINDOWS\system32\nfneisac\lck |
| Creates File | C:\WINDOWS\system32\nfneisac\tst |
| Creates File | C:\WINDOWS\TEMP\mjwhpkb1rsfde.exe |
| Creates Process | WATCHDOGPROC "c:\windows\system32\csfuyufnnz.exe" |
| Creates Process | C:\WINDOWS\TEMP\mjwhpkb1rsfde.exe -r 30706 tcp |
Process
↳ C:\WINDOWS\system32\csfuyufnnz.exe
| Creates File | C:\WINDOWS\system32\nfneisac\tst |
|---|
Process
↳ WATCHDOGPROC "c:\windows\system32\csfuyufnnz.exe"
| Creates File | C:\WINDOWS\system32\nfneisac\tst |
|---|
Process
↳ C:\WINDOWS\TEMP\mjwhpkb1rsfde.exe -r 30706 tcp
| Creates File | \Device\Afd\Endpoint |
|---|---|
| Winsock DNS | 239.255.255.250 |
Network Details:
| DNS | stickmarch.net Type: A 69.195.129.70 |
|---|---|
| DNS | tablefruit.net Type: A 69.195.129.70 |
| DNS | mightglossary.net Type: A 208.91.197.241 |
| DNS | requireneither.net Type: A 208.91.197.241 |
| DNS | gentlefriend.net Type: A 208.91.197.241 |
| DNS | glasshealth.net Type: A 208.91.197.241 |
| DNS | rememberpaint.net Type: A 208.91.197.241 |
| DNS | throughcountry.net Type: A 208.91.197.241 |
| DNS | rockfeel.net Type: A 211.196.153.94 |
| DNS | humanguide.net Type: A 208.91.197.54 |
| DNS | hairguide.net Type: A 69.172.201.208 |
| DNS | yardguide.net Type: A 64.34.157.180 |
| DNS | musicguide.net Type: A 69.172.201.208 |
| DNS | wishguide.net Type: A 87.106.117.110 |
| DNS | rockname.net Type: A 207.195.223.7 |
| DNS | rockguide.net Type: A 65.182.100.15 |
| DNS | necessarydress.net Type: A |
| DNS | littleappear.net Type: A |
| DNS | hangonly.net Type: A |
| DNS | septemberonly.net Type: A |
| DNS | joinfeel.net Type: A |
| DNS | wishfeel.net Type: A |
| DNS | joinhigh.net Type: A |
| DNS | wishhigh.net Type: A |
| DNS | joincolor.net Type: A |
| DNS | wishcolor.net Type: A |
| DNS | joinonly.net Type: A |
| DNS | wishonly.net Type: A |
| DNS | deadfeel.net Type: A |
| DNS | deadhigh.net Type: A |
| DNS | rockhigh.net Type: A |
| DNS | deadcolor.net Type: A |
| DNS | rockcolor.net Type: A |
| DNS | deadonly.net Type: A |
| DNS | rockonly.net Type: A |
| DNS | wrongfeel.net Type: A |
| DNS | madefeel.net Type: A |
| DNS | wronghigh.net Type: A |
| DNS | madehigh.net Type: A |
| DNS | wrongcolor.net Type: A |
| DNS | madecolor.net Type: A |
| DNS | wrongonly.net Type: A |
| DNS | madeonly.net Type: A |
| DNS | humanhalf.net Type: A |
| DNS | hairhalf.net Type: A |
| DNS | humanname.net Type: A |
| DNS | hairname.net Type: A |
| DNS | humanlate.net Type: A |
| DNS | hairlate.net Type: A |
| DNS | yardhalf.net Type: A |
| DNS | musichalf.net Type: A |
| DNS | yardname.net Type: A |
| DNS | musicname.net Type: A |
| DNS | yardlate.net Type: A |
| DNS | musiclate.net Type: A |
| DNS | wenthalf.net Type: A |
| DNS | spendhalf.net Type: A |
| DNS | wentname.net Type: A |
| DNS | spendname.net Type: A |
| DNS | wentguide.net Type: A |
| DNS | spendguide.net Type: A |
| DNS | wentlate.net Type: A |
| DNS | spendlate.net Type: A |
| DNS | fronthalf.net Type: A |
| DNS | offerhalf.net Type: A |
| DNS | frontname.net Type: A |
| DNS | offername.net Type: A |
| DNS | frontguide.net Type: A |
| DNS | offerguide.net Type: A |
| DNS | frontlate.net Type: A |
| DNS | offerlate.net Type: A |
| DNS | hanghalf.net Type: A |
| DNS | septemberhalf.net Type: A |
| DNS | hangname.net Type: A |
| DNS | septembername.net Type: A |
| DNS | hangguide.net Type: A |
| DNS | septemberguide.net Type: A |
| DNS | hanglate.net Type: A |
| DNS | septemberlate.net Type: A |
| DNS | joinhalf.net Type: A |
| DNS | wishhalf.net Type: A |
| DNS | joinname.net Type: A |
| DNS | wishname.net Type: A |
| DNS | joinguide.net Type: A |
| DNS | joinlate.net Type: A |
| DNS | wishlate.net Type: A |
| DNS | deadhalf.net Type: A |
| DNS | rockhalf.net Type: A |
| DNS | deadname.net Type: A |
| DNS | deadguide.net Type: A |
| DNS | deadlate.net Type: A |
| DNS | rocklate.net Type: A |
| DNS | wronghalf.net Type: A |
| DNS | madehalf.net Type: A |
| DNS | wrongname.net Type: A |
| HTTP GET | http://stickmarch.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://tablefruit.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://mightglossary.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://requireneither.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://gentlefriend.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://glasshealth.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://rememberpaint.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://throughcountry.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://rockfeel.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://humanguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://hairguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://yardguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://musicguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://wishguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://rockname.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://rockguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://stickmarch.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://tablefruit.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://mightglossary.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://requireneither.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://gentlefriend.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://glasshealth.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://rememberpaint.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://throughcountry.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://rockfeel.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://humanguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://hairguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://yardguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://musicguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://wishguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://rockname.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| HTTP GET | http://rockguide.net/forum/search.php?method=validate&mode=sox&v=027&sox=3bdbc200 User-Agent: |
| Flows TCP | 192.168.1.1:1036 ➝ 69.195.129.70:80 |
| Flows TCP | 192.168.1.1:1037 ➝ 69.195.129.70:80 |
| Flows TCP | 192.168.1.1:1038 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1039 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1040 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1041 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1042 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1043 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1045 ➝ 211.196.153.94:80 |
| Flows TCP | 192.168.1.1:1046 ➝ 208.91.197.54:80 |
| Flows TCP | 192.168.1.1:1047 ➝ 69.172.201.208:80 |
| Flows TCP | 192.168.1.1:1048 ➝ 64.34.157.180:80 |
| Flows TCP | 192.168.1.1:1049 ➝ 69.172.201.208:80 |
| Flows TCP | 192.168.1.1:1050 ➝ 87.106.117.110:80 |
| Flows TCP | 192.168.1.1:1051 ➝ 207.195.223.7:80 |
| Flows TCP | 192.168.1.1:1052 ➝ 65.182.100.15:80 |
| Flows TCP | 192.168.1.1:1053 ➝ 69.195.129.70:80 |
| Flows TCP | 192.168.1.1:1054 ➝ 69.195.129.70:80 |
| Flows TCP | 192.168.1.1:1055 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1056 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1057 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1058 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1059 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1060 ➝ 208.91.197.241:80 |
| Flows TCP | 192.168.1.1:1061 ➝ 211.196.153.94:80 |
| Flows TCP | 192.168.1.1:1062 ➝ 208.91.197.54:80 |
| Flows TCP | 192.168.1.1:1063 ➝ 69.172.201.208:80 |
| Flows TCP | 192.168.1.1:1064 ➝ 64.34.157.180:80 |
| Flows TCP | 192.168.1.1:1065 ➝ 69.172.201.208:80 |
| Flows TCP | 192.168.1.1:1066 ➝ 87.106.117.110:80 |
| Flows TCP | 192.168.1.1:1067 ➝ 207.195.223.7:80 |
| Flows TCP | 192.168.1.1:1068 ➝ 65.182.100.15:80 |
Raw Pcap
0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207374 69636b6d 61726368 2e6e6574 : stickmarch.net 0x00000080 (00128) 0d0a0d0a .... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207461 626c6566 72756974 2e6e6574 : tablefruit.net 0x00000080 (00128) 0d0a0d0a .... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206d69 67687467 6c6f7373 6172792e : mightglossary. 0x00000080 (00128) 6e65740d 0a0d0a net.... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207265 71756972 656e6569 74686572 : requireneither 0x00000080 (00128) 2e6e6574 0d0a0d0a .net.... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206765 6e746c65 66726965 6e642e6e : gentlefriend.n 0x00000080 (00128) 65740d0a 0d0a0d0a et...... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a20676c 61737368 65616c74 682e6e65 : glasshealth.ne 0x00000080 (00128) 740d0a0d 0a0a0d0a t....... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207265 6d656d62 65727061 696e742e : rememberpaint. 0x00000080 (00128) 6e65740d 0a0d0a0a net..... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207468 726f7567 68636f75 6e747279 : throughcountry 0x00000080 (00128) 2e6e6574 0d0a0d0a .net.... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a20726f 636b6665 656c2e6e 65740d0a : rockfeel.net.. 0x00000080 (00128) 0d0a6574 0d0a0d0a ..et.... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206875 6d616e67 75696465 2e6e6574 : humanguide.net 0x00000080 (00128) 0d0a0d0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206861 69726775 6964652e 6e65740d : hairguide.net. 0x00000080 (00128) 0a0d0a0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207961 72646775 6964652e 6e65740d : yardguide.net. 0x00000080 (00128) 0a0d0a0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206d75 73696367 75696465 2e6e6574 : musicguide.net 0x00000080 (00128) 0d0a0d0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207769 73686775 6964652e 6e65740d : wishguide.net. 0x00000080 (00128) 0a0d0a0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a20726f 636b6e61 6d652e6e 65740d0a : rockname.net.. 0x00000080 (00128) 0d0a0a0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a20726f 636b6775 6964652e 6e65740d : rockguide.net. 0x00000080 (00128) 0a0d0a0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207374 69636b6d 61726368 2e6e6574 : stickmarch.net 0x00000080 (00128) 0d0a0d0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207461 626c6566 72756974 2e6e6574 : tablefruit.net 0x00000080 (00128) 0d0a0d0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206d69 67687467 6c6f7373 6172792e : mightglossary. 0x00000080 (00128) 6e65740d 0a0d0a0a net..... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207265 71756972 656e6569 74686572 : requireneither 0x00000080 (00128) 2e6e6574 0d0a0d0a .net.... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206765 6e746c65 66726965 6e642e6e : gentlefriend.n 0x00000080 (00128) 65740d0a 0d0a0d0a et...... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a20676c 61737368 65616c74 682e6e65 : glasshealth.ne 0x00000080 (00128) 740d0a0d 0a0a0d0a t....... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207265 6d656d62 65727061 696e742e : rememberpaint. 0x00000080 (00128) 6e65740d 0a0d0a0a net..... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207468 726f7567 68636f75 6e747279 : throughcountry 0x00000080 (00128) 2e6e6574 0d0a0d0a .net.... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a20726f 636b6665 656c2e6e 65740d0a : rockfeel.net.. 0x00000080 (00128) 0d0a6574 0d0a0d0a ..et.... 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206875 6d616e67 75696465 2e6e6574 : humanguide.net 0x00000080 (00128) 0d0a0d0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206861 69726775 6964652e 6e65740d : hairguide.net. 0x00000080 (00128) 0a0d0a0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207961 72646775 6964652e 6e65740d : yardguide.net. 0x00000080 (00128) 0a0d0a0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a206d75 73696367 75696465 2e6e6574 : musicguide.net 0x00000080 (00128) 0d0a0d0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a207769 73686775 6964652e 6e65740d : wishguide.net. 0x00000080 (00128) 0a0d0a0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a20726f 636b6e61 6d652e6e 65740d0a : rockname.net.. 0x00000080 (00128) 0d0a0a0a 0d0a0d0a ........ 0x00000000 (00000) 47455420 2f666f72 756d2f73 65617263 GET /forum/searc 0x00000010 (00016) 682e7068 703f6d65 74686f64 3d76616c h.php?method=val 0x00000020 (00032) 69646174 65266d6f 64653d73 6f782676 idate&mode=sox&v 0x00000030 (00048) 3d303237 26736f78 3d336264 62633230 =027&sox=3bdbc20 0x00000040 (00064) 30204854 54502f31 2e300d0a 41636365 0 HTTP/1.0..Acce 0x00000050 (00080) 70743a20 2a2f2a0d 0a436f6e 6e656374 pt: */*..Connect 0x00000060 (00096) 696f6e3a 20636c6f 73650d0a 486f7374 ion: close..Host 0x00000070 (00112) 3a20726f 636b6775 6964652e 6e65740d : rockguide.net. 0x00000080 (00128) 0a0d0a0a 0d0a0d0a ........
Strings
Ia
"
'
%+#I64
.,
.
\
:
:
e
+
%+#.*
%+#.*L
..
-_
s
+%D%A%26A&
h1
21212
"1"2d1x
\
0
'
\
.
.
.
.
..
...
...
..........
...
!
" # .
$
..
&
'
('
)
*)
+
,-.)/)
S
[
Z
[
Z
[
d2
h2
1
1
x
grdrHiaaSvdnOSd2sCpFcnEoav3CAnoriCrahErjW.bnSaKnT
-
CC-E-
-0
-0010+-0
0
-0
.
-e-
.
00-+
.00-+
\
00
:\
:...
...........?-
0
0
0
0
-
.
G
d...
....
.
}
.
Zw..uz
.
..u
H
((((( H
h(((( H
jjjh
jjjjj
KERNEL32.DLL
Mjjj
mscoree.dll
(null)
$_$>{,
\$$_^[
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
0A@@Ju
0KHUFx
0SSSSS
0WWWWW
]0>X |
}1=57X
1#QNAN
1#SNAN
1u}! '
+.U
>1u,G
1,X4%6"
1=Yw?y
=@<2;3K{
$27])Z
2r0E[O
'!3Hi6V
3!OC0~
-_^~4f
4F4nUq
4Ix$Xj6X
4Oxi!DxF
?5~Ac(
5LZ\X7
5<*=-M
5ok<xX
)[5$wjDx9
6|D((`
6(E1p]L
[]" )7
=7f9et
7ip;!d`l
7j!9L^?
7R?$yl
^7v;o*
\$8j)QVf
8VVVVV
8z;4Z+
9*0S*
\$(9\$0u*
9\$0uC9\$Pt=
9\$8t2
9HNGoc
9j\940.
9JUi|f
9\$Lt;
9mFi/WK<P
9n79o0
^@9n8r
^\9nTr
9\$$t4
\$<9\$|tp
|$@9\$Ts
9\$ uf
9\$(uF
|$$9x<
\$<9X<
a9~'Eh'
_\,A A~_{6W^
aar0(/
aa}s_D
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
'aeNud
america
american
american english
american-english
An application has made an attempt to load the C runtime library incorrectly.
<at9<rt,<wt
- Attempt to initialize the CRT more than once.
- Attempt to use MSIL code from this assembly during native code initialization
.?AUctype_base@std@@
August
australian
\{]* ]aV
.?AVbad_alloc@std@@
.?AVbad_cast@std@@
.?AVbad_exception@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
.?AV?$ctype@D@std@@
.?AVexception@std@@
.?AVfacet@locale@std@@
.?AVfailure@ios_base@std@@
.?AVios_base@std@@
.?AV?$_Iosb@H@std@@
.?AVlength_error@std@@
.?AV_Locimp@locale@std@@
.?AVlogic_error@std@@
.?AV?$numpunct@D@std@@
.?AV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AVout_of_range@std@@
.?AVruntime_error@std@@
.?AVtype_info@@
^.Ax/V
aysppiF
B1K^Lz
B1v&T
bad allocation
bad cast
bad exception
Base Class Array'
Base Class Descriptor at (
__based(
BeginPaint
belgian
b*Gt1M
BiPUp.
BN*h!c<
bQJ=^\^(
]}&'bR
britain
B~_yp,
c1~eK0
c9h7Jp~
Cair$?4
CAJuO
canadian
,cbEPv
__cdecl
'cEO}
*CFJ-_
CheckDlgButton
chinese
chinese-hongkong
chinese-simplified
chinese-singapore
chinese-traditional
Class Hierarchy Descriptor'
CloseHandle
__clrcall
cmd.exe
cNN+U1Py
CompareStringA
CompareStringW
Complete Object Locator'
COMSPEC
CONOUT$
`copy constructor closure'
Copyright (c) 1992-2004 by P.J. Plauger, licensed by Dinkumware, Ltd. ALL RIGHTS RESERVED.
CorExitProcess
C PjPV
C$PjQV
C.PjRV
C/PjSV
C*PjTV
C+PjUV
C,PjVV
C-PjWV
CQc18m~\
CreateFileA
CreateProcessA
CreateThread
- CRT not initialized
C,Vf$i.
C$$+Wd
CX7F&B
@]CY('
\$, D$
D$0h0u
D$0PUVQ
D$0SUVW
D$,_^3
D$4^]_[
D$4^9f
D$4PWQ
D$4SUVW
D'8%(
D$8-;<
D$89\$4
D$8WPQ
\$D9|$<r
D$@9\$Ts
D$$;A<
@DAK_]
@.data
dcSj)`
D$ )D$
D$D9l$Xs
dddd, MMMM dd, yyyy
D$DPQj
D$d@PV
December
DecodePointer
`default constructor closure'
delete
delete[]
Delete
DeleteCriticalSection
DeleteFileA
deque<T> too long
<dgg*_
D$HSSj
D$hSUVW
D$HSUVW
D$hSVW
d$,hVpM
D$<hX0K
D$(j 3
\$Dj"h40K
,D"\l_
D$L_^[3
d$lh,EK
D$LPQV
D$LPSh
D$LPSV
D$LPSVQ
D$lQUSRP
D$LSUVW
D$LSVW
D$$m?Q6
DOMAIN error
doMo<~
D$p_^][3
D$P9|$ht'
D$`PhT
+D$@PVU
D$$PWQ
D$,QRP
D$$QWR
DrawTextA
D$,RWP
D$ SPW
D$`SUVW
D$<SUVW
D$,SUVW
D$<SVW
D$@SVW
D+++Tg
D$TPSQ
dutch-belgian
D$ UV3
D$$VSj
D$ VSUP
D$@VWSP
D$XhH+K
D$XPVS
D$XPWSj
D$xPWV
D$xSUVW
D$xSVW
D$xWPQR
`dynamic atexit destructor for '
`dynamic initializer for '
D$@zWG
\e@@b2
eb{-*k
EC3%)i
E^G^x"
`eh vector constructor iterator'
`eh vector copy constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`eh vector vbase copy constructor iterator'
e`+=>K
ElSVWP
em?QBx
EncodePointer
EndDialog
EndPaint
england
english-american
english-aus
english-belize
english-can
english-caribbean
english-ire
english-jamaica
english-nz
english-south africa
english-trinidad y tobago
english-uk
english-us
english-usa
EnterCriticalSection
EnumSystemLocalesA
EP*l"7c
EpSVWP
eTiVMrG@
ExitProcess
EYI{;R
F09n(u
F;5 mM
__fastcall
F)B!kv
February
fHP}_Y'3
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
;f`IxVa
FkCvh
- floating point support not loaded
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
ForceRemove
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
french-belgian
french-canadian
french-luxembourg
french-swiss
Friday
ft3-o%
^F<-uB
[#FuQm
'Fx5BF
fY)LmTZ
:g'1qC
`g(1us
GAIsProcessorFeaturePresent
GDI32.dll
german-austrian
german-lichtenstein
german-luxembourg
german-swiss
GetACP
GetActiveWindow
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCPInfo
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetCursor
GetDCBrushColor
GetDlgItem
GetDlgItemInt
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesA
GetFileTime
GetFileType
GetFontLanguageInfo
GetFontUnicodeRanges
GetForegroundWindow
GetFullPathNameA
GetInputState
GetKeyboardType
GetLastActivePopup
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetMapMode
GetMenu
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuItemCount
GetMenuItemID
GetMenuState
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetOEMCP
GetPixelFormat
GetPolyFillMode
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessWindowStation
GetQueueStatus
GetRandomRgn
GetScrollPos
GetStartupInfoA
GetStdHandle
GetStretchBltMode
GetStringTypeA
GetStringTypeW
GetSystemPaletteUse
GetSystemTimeAsFileTime
GetTextAlign
GetTextCharacterExtra
GetTextCharset
GetTextCharsetInfo
GetTextColor
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetUserObjectInformationA
GetWindowContextHelpId
GetWindowDC
GetWindowLongA
gnhx$:
}-GOPG
G_Pv//
great britain
gSLjOJ
g<*u]j
`h````
|$\h0oK
HCid2,A
HD$'cZ
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
\$ h$EK
~HGc:P
`h`hhh
HH:mm:ss
HHtXHHt
HHtYHHt
Hi<$`9I
\$Hj,PWf
holland
hong-kong
#iB?EV
>If90t
If>\{W
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
invalid map/set<T> iterator
invalid string position
i& nxi
ios_base::badbit set
ios_base::eofbit set
ios_base::failbit set
irish-english
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWindowEnabled
italian-swiss
\$(j0RVf
j1hDtL
J3$e I
j4hLsL
J62}PL
J8o?D\
JanFebMarAprMayJunJulAugSepOctNovDec
January
Jcp-i5
j h4?K
$j hDBK
@j(HGv
j hH5K
j]hh@K
j hh:K
j h@?K
j h$<K
j.h nK
j"hpoK
j h(sL
j$hTAK
j.hT?K
j@j ^V
j#kem*
jOhH=K
\$@j,Pf
\$$jPRf
)j)\Qi
],j?RV
j"^SSSSS
ju%o A
\$@|JV
]KA[!uLG
KERNEL32
KERNEL32.dll
-KK]Dq
klkh'~
}kOcQf'
K<s4wElt
\:K=z*x
L$ _^[
L$0_^3
L$0QRV
L$<_^[3
L$\_^[3
L$4j2Q
L$4QVP
L5s$8Sq
L9?6kmh.k
\$L9=T
L9t$Tr
{-lBBH
LC_ALL
LC_COLLATE
LC_CTYPE
LCMapStringA
LCMapStringW
LC_MONETARY
LC_NUMERIC
LC_TIME
L$DURPVQ
LeaveCriticalSection
L$$;H<
L$H-i$
L$Hj@Q
L$HSSj
-lIDYV&;m
L$ j@Q
L$L^_]3
L$LQRV
L$LQRVWW
L$LQSVPP
)LmW,Z
LoadIconA
LoadLibraryA
LoadResource
LocalAlloc
LocalFlags
`local static guard'
`local static thread guard'
`local vftable'
`local vftable constructor closure'
L$\-]p
L$@PQ3
L$pQPh
L$pRSPQVW
L>>q7p!
L$$Qh?
L$ Qj
L$$Qj$
L$@QRP
L$`QRRj
L$$QRUV
L$ QUV
L$@QWR
L$$RPQ
L$(SU;
L$Th0u
L$tQRPh
L$\<+t'<-t#<0u
l$$t:W
L$ <-u
L$$USWVP
lWFZkVF2Q
L$ WPQ
L$ WQP
L$xRSPQWV
M7qSw9QX~
`managed vector constructor iterator'
`managed vector copy constructor iterator'
`managed vector destructor iterator'
map/set<T> too long
MessageBoxA
M+fBC=GM`
Microsoft Visual C++ Runtime Library
ML/gdbUvr(
MM/dd/yy
moe|h}
Monday
MoveFileA
MQ{M:i)
~MSSSh
MultiByteToWideChar
:$}N^@
'NBh5X
n&"<BK
NbNm}X
`Nc3SO6
new[]
new-zealand
NG-"jB
-nG{Xj
n _j O
Nmm/$Y
NoRemove
norwegian
norwegian-bokmal
norwegian-nynorsk
Norwegian-Nynorsk
- not enough space for arguments
- not enough space for environment
- not enough space for locale information
- not enough space for lowio initialization
- not enough space for _onexit/atexit table
- not enough space for stdio initialization
- not enough space for thread data
November
n-#R\H.
(null)
|o3R>|1)
o4y;Xx)
o'7`:^
October
O?Dn#^;
~O!`%f
>o}iD:
ojjKmF
OLEAUT32.dll
`omni callsig'
oo}\KGNp@X
operator
OvUB<y6
oX=MN<
O(@_z_
^p72[\9
P94}{Yz
\$P9=HoM
__pascal
{;^#pB
Pf95TrM
`placement delete closure'
`placement delete[] closure'
Please contact the application's support team for more information.
p~nzF>
portuguese-brazilian
PostMessageA
PPPPPPPP
|$ PQj
PQSUVW
p+ra.}
pr china
pr-china
Program:
<program name unknown>
PrqsD,
PT42BE
__ptr64
Pu4s#{
puerto-rico
- pure virtual function call
P]UvJ)Z
%PUz^?K
PvR*t8
pYm zxYP
P@z`pJPg*
$Q ,&0
q }3J\bq
q|cx(i
QdOaH'
qebL<-
+.Q-hA\b0
_]QHU(C
qI[gdp
[Q+MrY
|$,QPW
QQSVWd
QueryPerformanceCounter
QYcP(9
`^r$',]
r/0P4wn
R2g;t(f
RaiseException
`.rdata
ReadFile
__restrict
) rfe+Q}z
Rich4t
rJr-LNN
RkD R9
RPv}+f
RShH K
RSSSSSSh
RtlUnwind
runtime error
Runtime Error!
RWhH K
=<RwZ<
|`_RzD
$S>8yf
Saturday
`scalar deleting destructor'
ScO'a$S
SendMessageA
September
SetDlgItemTextA
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
SetFocus
SetHandleCount
SetLastError
SetStdHandle
SetTextAlign
SetTextCharacterExtra
SetTextJustification
SetUnhandledExceptionFilter
SetWindowTextA
{sgS3"
ShowWindow
SING error
SizeofResource
sJq YK
sKZZ#$
slovak
south africa
south-africa
south korea
south-korea
spanish-argentina
spanish-bolivia
spanish-chile
spanish-colombia
spanish-costa rica
spanish-dominican republic
spanish-ecuador
spanish-el salvador
spanish-guatemala
spanish-honduras
spanish-mexican
spanish-modern
spanish-nicaragua
spanish-panama
spanish-paraguay
spanish-peru
spanish-puerto rico
spanish-uruguay
spanish-venezuela
s/QG P
SRUQWP
s[S;7|G;w
SSPh@=D
^SSSSS
__stdcall
`string'
string too long
Sunday
SunMonTueWedThuFriSat
SwcoQj
swedish-finland
|;SY|"kFD.w
SystemRoot
;|$$t
\$ ;\$(t
T$0RUVP
;t$0t
t2h(fM
T$4GWR
T$4j2R
T$4jlR
T$4QWR
t895plM
"t8F)H>
t$8j4PVf
t>9\$8
\$T9](t
\\t:Aq
T$$- b
T$DVVj
TerminateProcess
t=FA9]
tGHt.Ht&
(</t$h
+t HHt
This application has requested the Runtime to terminate it in an unusual way.
__thiscall
This indicates a bug in your application.
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
!This program cannot be run in DOS mode.
t?h( K
tHSSSh
Thursday
tIj"[:
t$ jNV
tKj$hTAK
< tK< tG
TLOSS error
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
t$ MONEGF;
<\tM</tI
T$PRQP
T$|PSQRWV
T$,PVR
t$PWPh(lJ
T$,QPR
tR99u2
trinidad & tobago
T$$RjKj
T$ RPPj
t$(RQPV
T$$RWUV
={TsEu
t"SS9]
t<SSSh
T$$SU3
<+t(<-t$:
T$ )T$$
T$T_^[
T$@tAjah
T$TPuC
t$<"u 3
Tuesday
TU`m?9
;t$,v-
t VV9u
t$,VWj
T$ Wh0
t+WWVPV
T$XRj$
T$xRQP
T$xVSQR
Type Descriptor'
`typeof'
Tz\[Ej
>:u8FV
u.9D$4t
UaQ"AT3J
UB2:us
~=_UBj[
`udt returning'
Ue,Zau
UFhyzF
u@jGhhEK
u@j h4?K
- unable to initialize heap
- unable to open console device
__unaligned
- unexpected heap error
- unexpected multithread lock error
UnhandledExceptionFilter
UNICODE
united-kingdom
united-states
Unknown exception
UQPXY]Y[
uqSSSSS
URPQQh
URUUUh
uS4j=ED4}
USER32.dll
USER32.DLL
u[SSSP
UTF-16LE
UV$T0s
u,VVWV
u~zq#H
V#1f+n
-\`!v5o
v:67@u
>v7)Uf
`vbase destructor'
`vbtable'
`vcall'
`vector constructor iterator'
`vector copy constructor iterator'
`vector deleting destructor'
`vector destructor iterator'
`vector vbase constructor iterator'
`vector vbase copy constructor iterator'
`vftable'
Vh9Kqk{p
VirtualAlloc
`virtual displacement map'
VirtualFree
Vjuk/3
VKPhVpM
v:*L6q%
v N+D$
<=v@<>u
@v}v7c
_VVVVV
VVVVVQRSSj
vXQF=E
>,&VY9
W7? &q
w87(\q
WaitForSingleObject
Wednesday
~W.i%)>_
WideCharToMultiByte
WindowFromDC
|$$Wj"
w<K#!,` `
wK2Yn`\
w.{lBR
wME;Uw3
w<ojNs
W:pOBxq*
WPOn+(]N
WriteConsoleA
WriteConsoleW
WriteFile
WS2_32.dll
WUCh|H
^WWWWW
w?)X^a+|
WzwKbj|
x0*&+,Q1tr
xm9?Ef
XN/x,{~Q
xppwpp
xpxxxx
Xq3&`fL
\$X+t$L+
<xtX<XtT
x*u>G$
xWo"&2K
\$XWPQ
xX]4ri
Xxf'~g
~$_^]Y
y3VIlB
Y3`ZAc
y5j,.n
`Y\GjC
y,hSc*
yIK9Hg
|-yr>h
y_>@T`
>=Yt1j
yUf72Y
Y<\u#j\V
\\z%>:
{Z7?VPf
ZC;{ m
Zp=:wW^7
zVjHxG