Trojan.Win32.IEDummy_a431890fd7

by malwarelabrobot on May 3rd, 2016 in Malware Descriptions.

not-a-virus:HEUR:AdWare.Win32.SoftPulse.heur (Kaspersky), Trojan.Win32.IEDummy.FD, mzpefinder_pcap_file.YR (Lavasoft MAS)
Behaviour: Trojan, Adware


The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.

Requires JavaScript enabled!

Summary
Dynamic Analysis
Static Analysis
Network Activity
Map
Strings from Dumps
Removals

MD5: a431890fd72ffc3c2220e903f5b3b7e0
SHA1: a6238b487feb1dca0d7d151ac0240ccb391acfdc
SHA256: 5748c3f23156788d7a86cf7e50828a2c56f34427e25eff3a77e52fe1b824811c
SSDeep: 12288:8oWvxUHN9nPQc7/XJ8Ni7GKLdJQ DMPqkdvWDlfmLKPYn1W:8RJwQW/usdJQeKqkdODlUn1W
Size: 574456 bytes
File type: EXE
Platform: WIN32
Entropy: Packed
PEID: PECompactV2X, PECompactv20, UPolyXv05_v6
Company: no certificate found
Created at: 2016-04-07 11:23:14
Analyzed on: WindowsXP SP3 32-bit


Summary:

Trojan. A program that appears to do one thing but actually does another (a.k.a. Trojan Horse).

Payload

No specific payload has been found.

Process activity

The Trojan creates the following process(es):

jfilemanagersetup.exe:1980

The Trojan injects its code into the following process(es):

%original file name%.exe:944
WebBrowser.exe:1652
JFileManager.exe:2052

Mutexes

The following mutexes were created/opened:

DDrawDriverObjectListMutex
__DDrawCheckExclMode__
__DDrawExclMode__
DDrawWindowListMutex
CTF.TMD.MutexDefaultS-1-5-21-1844237615-1960408961-1801674531-1003
CTF.Layouts.MutexDefaultS-1-5-21-1844237615-1960408961-1801674531-1003
CTF.Asm.MutexDefaultS-1-5-21-1844237615-1960408961-1801674531-1003
CTF.Compart.MutexDefaultS-1-5-21-1844237615-1960408961-1801674531-1003
CTF.LBES.MutexDefaultS-1-5-21-1844237615-1960408961-1801674531-1003
ShimCacheMutex
DBWinMutex
c:!documents and settings!adm!cookies!
c:!documents and settings!adm!local settings!temporary internet files!content.ie5!
c:!documents and settings!adm!local settings!history!history.ie5!
WininetConnectionMutex
WininetStartupMutex
WininetProxyRegistryMutex
RasPbFile
_!MSFTHISTORY!_
oleacc-msaa-loaded
ZonesLockedCacheCounterMutex
ZonesCacheCounterMutex
ZonesCounterMutex

File activity

The process %original file name%.exe:944 makes changes in the file system.
The Trojan creates and/or writes to the following file(s):

%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\C9U7WXIF\JFileManagerSetup[1].exe (1014662 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\msjava[1].dll (465777 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\bullet-short[1].gif (54 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\SHYFG96R\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\SHYFG96R\loadingBar[1].gif (7422 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@getipintel[1].txt (221 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\KLEFGDIV\loading-install[1].gif (7 bytes)
%Documents and Settings%\%current user%\Cookies\index.dat (400 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\KLEFGDIV\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\SHYFG96R\progress-bar[1].png (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\C9U7WXIF\style[1].css (3073 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\i-download[1].png (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\C9U7WXIF\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Application Data\Setup Wizard\c54747b6-b9f3-4091-9baf-f1ed791ee404\jfilemanagersetup.exe (1014662 bytes)
%System%\wbem\Logs\wbemprox.log (225 bytes)

The Trojan deletes the following file(s):

%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\421b2534e5da9f1c66c5553e41e2f1f744c7fc7e05821a6cd1040bda26aab4cb003c32a7a02ece05566385c9b3de63d75666b26671ba234b[1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\C9U7WXIF\9533ea2e80c624b747e0611d49beaa086ea42e938009f868d86701dc2d7eb1186fc5e61aa7b61b17a313011b5ddd450a81e111041d142b88[1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\KLEFGDIV\JFileManagerSetup[1].exe (0 bytes)

The process jfilemanagersetup.exe:1980 makes changes in the file system.
The Trojan creates and/or writes to the following file(s):

%Program Files%\JFileManager\Languages\Italian.gif (934 bytes)
%Program Files%\JFileManager\Languages\Hindi.ini (2 bytes)
%Program Files%\JFileManager\Languages\Italian.ini (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\nse3.tmp\nsProcess.dll (4 bytes)
%Program Files%\JFileManager\icono.ico (12088 bytes)
%Program Files%\JFileManager\Languages\Hindi.gif (920 bytes)
%Program Files%\JFileManager\Newtonsoft.Json.dll (12536 bytes)
%Program Files%\JFileManager\Languages\Spanish.gif (569 bytes)
%Program Files%\JFileManager\JFileManager.exe (37368 bytes)
%Program Files%\JFileManager\Languages\English.ini (1 bytes)
%Program Files%\JFileManager\Languages\French.gif (928 bytes)
%Program Files%\JFileManager\Languages\Spanish.ini (1 bytes)
%Program Files%\JFileManager\Languages\Portuguese.ini (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\nso2.tmp (126424 bytes)
%Program Files%\JFileManager\Languages\Hebrew.gif (929 bytes)
%Program Files%\JFileManager\update.xml (206 bytes)
%Documents and Settings%\All Users\Start Menu\Programs\JFileManager\JFileManager.lnk (836 bytes)
%Program Files%\JFileManager\Languages\English.gif (977 bytes)
%Program Files%\JFileManager\uninstall.exe (3096 bytes)
%Program Files%\JFileManager\Languages\Portuguese.gif (883 bytes)
%Documents and Settings%\All Users\Start Menu\Programs\JFileManager\Uninstall JFileManager.lnk (637 bytes)
%Program Files%\JFileManager\Languages\Chinese (Simplified).ini (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Application Data\JFileManager\Config.ini (190 bytes)
%Documents and Settings%\%current user%\Local Settings\Application Data\JFileManager\Downloads\Torrents\fastresume.data (2 bytes)
%Program Files%\JFileManager\ComponentFactory.Krypton.Toolkit.dll (77843 bytes)
%Program Files%\JFileManager\ClipboardURLCatcher.jar (2 bytes)
%Program Files%\JFileManager\jfilemanager.affcode (3 bytes)
%Program Files%\JFileManager\Languages\French.ini (1 bytes)
%Program Files%\JFileManager\jfilemanager.uidnum (23 bytes)
%Program Files%\JFileManager\Languages\Hebrew.ini (1 bytes)
%Program Files%\JFileManager\Languages\Chinese (Simplified).gif (941 bytes)
%Documents and Settings%\%current user%\Local Settings\Application Data\JFileManager\Downloads\Torrents\DhtNodes (2 bytes)
%Program Files%\JFileManager\Languages\German.gif (916 bytes)
%Documents and Settings%\All Users\Start Menu\Programs\Startup\WebBrowserJFile.lnk (1 bytes)
%Program Files%\JFileManager\WebBrowser.exe (5064 bytes)
%Documents and Settings%\All Users\Desktop\JFileManager.lnk (824 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\nse3.tmp\System.dll (11 bytes)
%Program Files%\JFileManager\Languages\German.ini (1 bytes)
%Program Files%\JFileManager\dotNetFx40_Full_setup.exe (30344 bytes)
%Program Files%\JFileManager\LTV.exe (6 bytes)

The Trojan deletes the following file(s):

%Documents and Settings%\%current user%\Local Settings\Temp\nse3.tmp (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\nsz1.tmp (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\nse3.tmp\nsProcess.dll (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\nse3.tmp\System.dll (0 bytes)

Registry activity

The process %original file name%.exe:944 makes changes in the system registry.
The Trojan creates and/or sets the following values in system registry:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd72-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Directory" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path4]
"CacheLimit" = "65452"
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache4"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CacheLimit" = "65452"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData" = "%Documents and Settings%\%current user%\Application Data"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Documents" = "%Documents and Settings%\All Users\Documents"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Personal" = "%Documents and Settings%\%current user%\My Documents"

[HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"@xpsp3res.dll,-20001" = "Diagnose Connection Problems..."

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd73-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cookies" = "%Documents and Settings%\%current user%\Cookies"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache2"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common AppData" = "%Documents and Settings%\All Users\Application Data"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd75-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop" = "%Documents and Settings%\All Users\Desktop"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cache" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files"

[HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication]
"Name" = "%original file name%.exe"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Desktop" = "%Documents and Settings%\%current user%\Desktop"

[HKLM\System\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings]
"ProxyEnable" = "0"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CacheLimit" = "65452"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]
"SavedLegacySettings" = "3C 00 00 00 1A 00 00 00 01 00 00 00 00 00 00 00"

[HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication]
"ID" = "1460017394"

[HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache\%Documents and Settings%\%current user%\Local Settings\Application Data\Setup Wizard\c54747b6-b9f3-4091-9baf-f1ed791ee404]
"jfilemanagersetup.exe" = "jfilemanagersetup"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Local AppData" = "%Documents and Settings%\%current user%\Local Settings\Application Data"

[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "08 73 F6 B8 C7 59 53 17 77 3A 68 DF CD 1F 2D 61"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache1"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CacheLimit" = "65452"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"MigrateProxy" = "1"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"History" = "%Documents and Settings%\%current user%\Local Settings\History"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b98117e8-75ca-11e2-81b2-000c293708fb}]
"BaseClass" = "Drive"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache3"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Paths" = "4"

[HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache\%Program Files%\Internet Explorer]
"iexplore.exe" = "Internet Explorer"

The Trojan modifies IE settings for security zones to map all local web-nodes with no dots which do not refer to any zone to the Intranet Zone:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"UNCAsIntranet" = "1"

The Trojan modifies IE settings for security zones to map all web-nodes that bypassing the proxy to the Intranet Zone:

"ProxyBypass" = "1"

Proxy settings are disabled:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = "0"

The Trojan modifies IE settings for security zones to map all urls to the Intranet Zone:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"IntranetName" = "1"

The Trojan deletes the following value(s) in system registry:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"AutoConfigURL"
"ProxyServer"
"ProxyOverride"

The process WebBrowser.exe:1652 makes changes in the system registry.
The Trojan creates and/or sets the following values in system registry:

[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "5A F4 CD 3E 9F 61 C5 46 8B 0A 84 E7 CA 71 74 B8"

The process JFileManager.exe:2052 makes changes in the system registry.
The Trojan creates and/or sets the following values in system registry:

[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "E9 0E 26 67 DA 47 35 9F 23 D8 52 2C D3 0A E4 BC"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData" = "%Documents and Settings%\%current user%\Application Data"
"Local AppData" = "%Documents and Settings%\%current user%\Local Settings\Application Data"
"Cache" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files"

The process jfilemanagersetup.exe:1980 makes changes in the system registry.
The Trojan creates and/or sets the following values in system registry:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData" = "%Documents and Settings%\%current user%\Application Data"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JFileManager]
"Publisher" = ""

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Start Menu" = "%Documents and Settings%\All Users\Start Menu"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JFileManager]
"DisplayVersion" = "v1.0.0.2"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Personal" = "%Documents and Settings%\%current user%\My Documents"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JFileManager]
"UninstallString" = "%Program Files%\JFileManager\uninstall.exe"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd73-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Local AppData" = "%Documents and Settings%\%current user%\Local Settings\Application Data"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common AppData" = "%Documents and Settings%\All Users\Application Data"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd75-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"My Pictures" = "%Documents and Settings%\%current user%\My Documents\My Pictures"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop" = "%Documents and Settings%\All Users\Desktop"

[HKLM\SOFTWARE\JFileManager\JFileManager]
"InstallDir" = "%Program Files%\JFileManager"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Startup" = "%Documents and Settings%\All Users\Start Menu\Programs\Startup"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JFileManager]
"DisplayName" = "JFileManager"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Documents" = "%Documents and Settings%\All Users\Documents"
"CommonVideo" = "%Documents and Settings%\All Users\Documents\My Videos"
"CommonMusic" = "%Documents and Settings%\All Users\Documents\My Music"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Start Menu" = "%Documents and Settings%\%current user%\Start Menu"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"CommonPictures" = "%Documents and Settings%\All Users\Documents\My Pictures"

[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "CE 2B 45 79 96 32 B0 E0 70 9F 47 E6 8E 7B FA 27"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Programs" = "%Documents and Settings%\All Users\Start Menu\Programs"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Desktop" = "%Documents and Settings%\%current user%\Desktop"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd72-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b98117e8-75ca-11e2-81b2-000c293708fb}]
"BaseClass" = "Drive"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JFileManager]
"EstimatedSize" = "6015"
"DisplayIcon" = "%Program Files%\JFileManager\JFileManager.exe"

[HKLM\SOFTWARE\JFileManager\JFileManager]
"(Default)" = "%Program Files%\JFileManager\JFileManager.exe"

Dropped PE files

MD5 File path
ca04007495aae5057da274a53a338ddc c:\Documents and Settings\"%CurrentUserName%"\Local Settings\Application Data\Setup Wizard\c54747b6-b9f3-4091-9baf-f1ed791ee404\jfilemanagersetup.exe
ca04007495aae5057da274a53a338ddc c:\Documents and Settings\"%CurrentUserName%"\Local Settings\Temporary Internet Files\Content.IE5\C9U7WXIF\JFileManagerSetup[1].exe
67986ec074b86590e110a76480f7da99 c:\Documents and Settings\"%CurrentUserName%"\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\msjava[1].dll
ac56f3a4d75499f5501dd8ee0faba055 c:\Program Files\JFileManager\ComponentFactory.Krypton.Toolkit.dll
c6d1dc750e7c72e70fe919441bfd7efe c:\Program Files\JFileManager\JFileManager.exe
f4f2e95f1bd669f0ff2fda93df846fc6 c:\Program Files\JFileManager\LTV.exe
9de67831de7205e5f7a8d95325b4c366 c:\Program Files\JFileManager\Newtonsoft.Json.dll
617ae3416669fb73ab8fd76b1c96bce4 c:\Program Files\JFileManager\WebBrowser.exe
53406e9988306cbd4537677c5336aba4 c:\Program Files\JFileManager\dotNetFx40_Full_setup.exe
096d18f71e04b204860a7d4f89d16728 c:\Program Files\JFileManager\uninstall.exe

HOSTS file anomalies

No changes have been detected.

Rootkit activity

No anomalies have been detected.

Propagation

VersionInfo

No information is available.

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Section MD5
.text 4096 1712128 528384 5.54495 3e416baa0740c16d44bb87e8869047f3
.rsrc 1716224 45056 41472 4.15724 dd74ac4b3d904a53419d68a629ab143e

Dropped from:

Downloaded by:

Similar by SSDeep:

Similar by Lavasoft Polymorphic Checker:

Total found: 202
9d038591bc758622d413d7377da19855
a5bbfc740e57ca2b6af1c3c9242558d7
f620319acf49ca583db18cb120eec35d
19bf37245c91fd6db37dfe5c143c7ea3
a340309e7fb752c6e097de8b10ef38da
5a3252dc177df20d8dba25e4ee071ba3
436eb7763a11fb95767e49aa6d649ca4
442e6aa092d2b40346c9561633a17ec4
bb227d72790ab1a3de5f7b4dddc02dde
832ed6a04d80d7236574fa90003efb2c
97e13bab2fb5b1349de7d43aedf7564b
8b7c76b1cc3818becd02021334aff04b
a5759ee5610e13d8dab241b75cc1b8ad
3225a51c99f2c6ace5ebb235076e21ba
a4b11cf4971822a3bd51c17dd7395c8a
388f277554354fc71d2e0b7fe681fe67
9f625fd4d049964c9d9b09adebff3bbb
8aa3b3a0808050e9313bdb5d3e69743f
0781e72afb1b8636cb01cca471a69f7e
ced1ded80082af7f0c40dfe03e7cd458
7728b9653491be792c579ad3c23c90c2
5aeb29ad5490eefbe1a2c5cededf0285
63c51173daf1c8a29033c3bbef2dde86
e06a629a0c7dbcd521ace2f79eb4af78
fe8d0504aa055642a48d216c85a7698e

URLs

URL IP
hxxp://check.getipintel.net/check.php?ip=186.226.117.181&[email protected] 104.31.92.137
hxxp://api.playerfilemagno.com/ 52.88.32.222
hxxp://d2d1m1wxb9yipl.cloudfront.net/msjava.dll 52.85.184.240
hxxp://api.playerfilemagno.com/cdb296f33090dd30dae28e7cfd8cbc62cde02ff93c78b5e5d7801b144efdbe60344d06f76356b8790015602e2b9506715c022e588010a1757be0e42bbb4fb13370b435da073f73da74f062291d6cb9a8f40db64ad237ea1a848227c8d8a26cd6e1d433dff6589e89 52.88.32.222
hxxp://api.playerfilemagno.com/9533ea2e80c624b747e0611d49beaa086ea42e938009f868d86701dc2d7eb1186fc5e61aa7b61b17a313011b5ddd450a81e111041d142b88 52.88.32.222
hxxp://api.playerfilemagno.com/maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/style.css 52.88.32.222
hxxp://api.playerfilemagno.com/__maxpower__/render_template/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab?language_code=en 52.88.32.222
hxxp://api.playerfilemagno.com/__maxpower__/render_screen/2014/11/8b9c3fb4-73d0-11e4-925e-06a3579b0dab/screen_variation=videoUpdater 52.88.32.222
hxxp://api.playerfilemagno.com/maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/i-download.png 52.88.32.222
hxxp://api.playerfilemagno.com/maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/loading-install.gif 52.88.32.222
hxxp://api.playerfilemagno.com/maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/progress-bar.png 52.88.32.222
hxxp://api.playerfilemagno.com/maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/loadingBar.gif 52.88.32.222
hxxp://dybraso4svbl2.cloudfront.net/8c/JFileManagerSetup.exe 52.85.184.102
hxxp://www.playerfilemagno.com/BesH3gE9/pop-up/ 54.186.187.58
hxxp://www.playerfilemagno.com/lpresources/js/linkv2.js 54.186.187.58
hxxp://www.playerfilemagno.com/lpresources/js/ainj.js 54.186.187.58
hxxp://www.playerfilemagno.com/lpresources/js/dlStoragev1.js 54.186.187.58
hxxp://www.playerfilemagno.com/mh/53a811d55f1c1e744b000002/2307c835-660a-4bd8-a3df-031d9af89e85/53a811d55f1c1e744b000002/default/media/js/jquery-1.11.1.min.js 54.186.187.58
hxxp://n149adserv.com/js/show_ads.js 204.155.152.38
hxxp://api.playerfilemagno.com/421b2534e5da9f1c66c5553e41e2f1f744c7fc7e05821a6cd1040bda26aab4cb003c32a7a02ece05566385c9b3de63d75666b26671ba234b 52.88.32.222
hxxp://api.playerfilemagno.com/__maxpower__/render_screen/2014/11/a888aa68-73d0-11e4-b71d-06a3579b0dab/screen_variation=videoUpdater 52.88.32.222
hxxp://api.playerfilemagno.com/maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/bullet-short.gif 52.88.32.222
hxxp://staticrr.tgusrv.com/sdb/e0/WebBrowser.xml?d715541a-bf4c-49be-a2d4-7af901ad6833
hxxp://staticrr.fastplayerpro.com/sdb/e0/WebBrowser.xml?d715541a-bf4c-49be-a2d4-7af901ad6833 52.25.133.123
ssl.google-analytics.com 216.58.214.200


IDS verdicts (Suricata alerts: Emerging Threats ET ruleset)

ET POLICY Executable served from Amazon S3
ET SHELLCODE Possible TCP x86 JMP to CALL Shellcode Detected
ET TROJAN VMProtect Packed Binary Inbound via HTTP - Likely Hostile

Traffic

GET /maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/bullet-short.gif HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/gif
Date: Mon, 02 May 2016 10:54:57 GMT
ETag: "54f079fd-36"
Last-Modified: Fri, 27 Feb 2015 14:06:53 GMT
Server: nginx
Content-Length: 54
Connection: keep-alive
GIF89a.............!.......,...................P..U..;HTTP/1.1 200 OK.
.Accept-Ranges: bytes..Content-Type: image/gif..Date: Mon, 02 May 2016
 10:54:57 GMT..ETag: "54f079fd-36"..Last-Modified: Fri, 27 Feb 2015 14
:06:53 GMT..Server: nginx..Content-Length: 54..Connection: keep-alive.
.GIF89a.............!.......,...................P..U..;..



GET /js/show_ads.js HTTP/1.1
Accept: */*
Referer: hXXp://VVV.playerfilemagno.com/BesH3gE9/pop-up/
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: n149adserv.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Type: application/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Mon, 02 May 2016 10:54:55 GMT
Connection: close
a..............200...;ks.8... d..B.hINvr7dXZ.qv<.dfm'.:G..IHbB.Z...
.......|H..]].}.L.....n..,..Uz.....e....[.eQ...#.qr.....g.. .!n.V....m
..,Y..X..!.4O..V.5...Y..8....u^.....M.....X..%..K..`.....P...U..n..B.I
.....9.s....'b.....%l.g^.a.y..?.</r.z.u{M.Q...g.._c............B...
.$(.4..}@...I.hn.#=.`0yQ..b.,..`..V,.q.....?.l.&.O....(.....~...B.u.^0
.GIx.W..........z.``..:.7.h...YH.`.....>...X....Yh..........<g..
..q....k.1...Cm".....b...lh...e..!...YH.>..[..^l.FNrz.h.....\......
l........dA<. .W<..e...x.|..U.._....3.3B..N.oYl..D..$.m....200..
`i..!H.<....e..o3^...`....eJ..Y2O..PpRC.k_..:zNm.%Q]....u..x>...
}......{X\...H.....:....F.JF....U.C.?_..v$...qOv.|O.-..I."Z...bi5.G!5.
H.P...8*,)^..hf.-........Qi.?C.p.?G..........C..q...........s...54@...
.EL%....'..F7.V[.~.......#`..Y~....9q...Sp...."Y.R.....(.........3o.?.
.....Y.6..;...`...3...S4....A.....Z..2..u...Z..4.......h.......fj.....
...-aF,.k.....QX....:z\Q.`)...v.ch..!k.A.;...........6f.....z..%3 .h..
[..R.....K.....].T....STR..:..N.}... ......e..yQa....>0.l._3.h`.yt.
8..........B? ....a..{...p..`.[..200..........oN....-..H..x..!.y.%.,..
.`.CXq.....au.....".. H..9.......p.|......H...{iQ......q.e[....{.I.N..
[email protected]...*T<j..4..,...J........t..).A.lf..u....I.0....@}.nV,Z
$ga3x.4).2.GA9&....I...O.. .w...8........"....'JG. ...^..f..#6.5......
.l?1.i....5.m6.t.....,?..TD...zKT.. ......4.F...n.....).aQr.._.......k
k2V.Y0..C.Y..T3.`F......c .Sv.g..?n.L`.. ^..y..fs=........W ......f.9&
gt;[email protected]&/.f...M.2....G.:..3.2.R ..i......n./.HB.
<<< skipped >>>


GET /maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/loadingBar.gif HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/gif
Date: Mon, 02 May 2016 10:54:52 GMT
ETag: "54f07a05-12d72"
Last-Modified: Fri, 27 Feb 2015 14:07:01 GMT
Server: nginx
Content-Length: 77170
Connection: keep-alive
GIF89a|..............................c........"..y..4.....H.....i.....
/..1..2.....M.....W...........v...........-..u........0..1.. ..... ...
.....*.....!.....*.....,..{........z..s.....5........&.."..(..(..,..2.
.4..8..).. ..u..... ..$.....z..m...........*......../..*.....,........
...4..".....%..'.. ..............%........(../..............!.........
.....8.....&..3.....)..... ../........%..4.....!..NETSCAPE2.0.....!..X
MP DataXMP<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c01
1 66.145661, 2012/02/06-14:56:27        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http:
//ns.adobe.com/xap/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/s
Type/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Macintosh)" x
mpMM:InstanceID="xmp.iid:C7B15D6A6C0511E4901AB7B77D879212" xmpMM:Docum
entID="xmp.did:C7B15D6B6C0511E4901AB7B77D879212"> <xmpMM:Derived
From stRef:instanceID="xmp.iid:C7B15D686C0511E4901AB7B77D879212" stRef
:documentID="xmp.did:C7B15D696C0511E4901AB7B77D879212"/> </rdf:D
escription> </rdf:RDF> </x:xmpmeta> <?xpacket end="r
"?>................................................................
..................................................................~}|{
zyxwvutsrqponmlkjihgfedcba`_^]\[ZYXWVUTSRQPONMLKJIHGFEDCBA@?>=<;
:9876543210/.-, *)('&%$#"! .................................!.....
<<< skipped >>>

GET /maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/i-download.png HTTP/1.1


Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/png
Date: Mon, 02 May 2016 10:54:53 GMT
ETag: "54f07a01-599"
Last-Modified: Fri, 27 Feb 2015 14:06:57 GMT
Server: nginx
Content-Length: 1433
Connection: keep-alive
.PNG........IHDR...*...*.....J.^.....tEXtSoftware.Adobe ImageReadyq.e&
lt;...$iTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1
.0/" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http:/
/ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photo
shop CS6 (Macintosh)" xmpMM:InstanceID="xmp.iid:24FEED836BEF11E4901AB7
B77D879212" xmpMM:DocumentID="xmp.did:24FEED846BEF11E4901AB7B77D879212
"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:24FEED816BEF11E4
901AB7B77D879212" stRef:documentID="xmp.did:24FEED826BEF11E4901AB7B77D
879212"/> </rdf:Description> </rdf:RDF> </x:xmpmeta&
gt; <?xpacket end="r"?>lW1.....IDATx.b|[email protected]...#...k..
...!..T?.&..}_......{....`..?....{..z...'..a..C*....'V.....&VV"M...eWT
...{..X...b..\\.M.LHP.:..0.v..9..?.>.W.......ax....X...MM.........~
.xA.d....".nTT............/w..c,...!.....\T..;w.Z.......D.K......O....
G.......E..$X.D...9..../......K..$...JD.CF_............>.......Lc.f
.U.$.7.NqJK...".....|}.<|[email protected]..^.T.......d.....9
8.>..w RNK.*....C.._.<..q.....mX.)...?..D.l!.{<...7o......\..
......W.....^.|,?..v.;p.B..B..r..d.~B.........X%....b-<..c {9.Im.O.
.........Z?l...v\. ...F.0_B.5....IEND.B`.....
<<< skipped >>>

GET /__maxpower__/render_screen/2014/11/a888aa68-73d0-11e4-b71d-06a3579b0dab/screen_variation=videoUpdater HTTP/1.1


Accept: */*
Proxy-Authorization: Basic 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Language: en
Content-Type: text/html; charset=utf-8
Date: Mon, 02 May 2016 10:54:57 GMT
Server: nginx
Vary: Accept-Language
Content-Length: 814
Connection: keep-alive
.<!--finish Videoupdater-->....<div class="finish">..<h
1>........Setup Wizard.......</h1>..<p style="margin-top: 
15px; font-size: 13px;">You have succesfully installed the software
 below and they are ready to be used:</p>....<div class="item
s">...<ul>....<li class="check">%mapp%</li>......
</ul>..</div>....<div class="clear"></div>....
<p>Recommended offers:</p>......<div class="list-toolba
rs" id="alloffers">....<ul class="_FinishOffers">....</ul&
gt;...</div>....<!--...<div class="banner">......<if
rame src="hXXp://n149adserv.com/ads?key=09879bcf6e631312a2c4d02d9cae27
2f&width=300&height=250" frameborder='0' scrolling='no' width='300' he
ight='250'></iframe>...</div> ..-->.........<inpu
t id="_Bexit" class="_Bexit close absol" tabindex="2" type="submit" na
me="nombre" onclick='onExit()' value="Close">....</div>..nt>....



GET /check.php?ip=186.226.117.181&contact=1460343304005pc5dU2LUnB@gmail.com HTTP/1.1
Accept: */*
Proxy-Authorization: Basic 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Host: check.getipintel.net
Connection: Keep-Alive


HTTP/1.1 400 Bad Request
Date: Mon, 02 May 2016 10:54:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d84ee2087fef6422b275c9f5e83a583081462186485; expires=Tue, 02-May-17 10:54:45 GMT; path=/; domain=.getipintel.net; HttpOnly
X-Powered-By: PHP/5.4.45-0 deb7u2
Server: cloudflare-nginx
CF-RAY: 29caefe138ee16b8-ARN
2..-5..0..HTTP/1.1 400 Bad Request..Date: Mon, 02 May 2016 10:54:46 GM
T..Content-Type: text/html..Transfer-Encoding: chunked..Connection: ke
ep-alive..Set-Cookie: __cfduid=d84ee2087fef6422b275c9f5e83a58308146218
6485; expires=Tue, 02-May-17 10:54:45 GMT; path=/; domain=.getipintel.
net; HttpOnly..X-Powered-By: PHP/5.4.45-0 deb7u2..Server: cloudflare-n
ginx..CF-RAY: 29caefe138ee16b8-ARN..2..-5..0..



GET /msjava.dll HTTP/1.1
Accept: */*
Proxy-Authorization: Basic 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Host: d2d1m1wxb9yipl.cloudfront.net
Connection: Keep-Alive
Cache-Control: no-cache


HTTP/1.1 200 OK
Content-Type: application/x-msdownload
Content-Length: 940304
Connection: keep-alive
Date: Sun, 01 May 2016 18:00:48 GMT
Last-Modified: Tue, 22 Mar 2016 16:49:18 GMT
ETag: "67986ec074b86590e110a76480f7da99"
Accept-Ranges: bytes
Server: AmazonS3
Age: 60839
X-Cache: Hit from cloudfront
Via: 1.1 2ce6276171358bf7d052aa190ed98f8d.cloudfront.net (CloudFront)
X-Amz-Cf-Id: aeiE0JNxm7JhzWlrFTXGV_bk3cYWS4ivsH4LBfbfSMUQ9h6MWQvXzg==
MZ......................@.............................................
..!..L.!This program cannot be run in DOS mode....$.......PE..L.....C8
...........#...............................k..........................
......m...............................`#..te..........................
......................................................................
...........................text............................... ..`.dat
a...d"......."[email protected].............................
..@[email protected][email protected]@...0[.8M..... 8W...
4.D8a...4.D8l...6.D8y...5.D8............KERNEL32.dll.NTDLL.DLL.GDI32.d
ll.USER32.dll.ADVAPI32.dll.OLEAUT32.dll.ole32.dll.....................
......................................................................
......................................................................
......................................................................
......................................................................
............................................ .........................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
......................................................................
..................................................................
<<< skipped >>>


GET /maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/progress-bar.png HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/png
Date: Mon, 02 May 2016 10:54:52 GMT
ETag: "54f07a08-570"
Last-Modified: Fri, 27 Feb 2015 14:07:04 GMT
Server: nginx
Content-Length: 1392
Connection: keep-alive
.PNG........IHDR...|.........L.......tEXtSoftware.Adobe ImageReadyq.e&
lt;...$iTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1
.0/" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http:/
/ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photo
shop CS6 (Macintosh)" xmpMM:InstanceID="xmp.iid:15582AE06BF411E4901AB7
B77D879212" xmpMM:DocumentID="xmp.did:15582AE16BF411E4901AB7B77D879212
"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:24FEED896BEF11E4
901AB7B77D879212" stRef:documentID="xmp.did:24FEED8A6BEF11E4901AB7B77D
879212"/> </rdf:Description> </rdf:RDF> </x:xmpmeta&
gt; <?xpacket end="r"?>[email protected]~:52u.....,.g...e.
.<..l..F...|.E.....G....n..g......V..v.^.C..?... .........k..Bc.Y.V
....._....E.(...T.eR...`yn..i.{t...-{tB..{\5......y..s..4kyn<=\5.KV
:......u..l..QK.)z.n.........c......\....N.=EG..w..^.Xh......~....w...
>..S.dy.H.$5.@.^o..........t...5.N|...>....3..H.....(.3..`Ft....
......y..~8^...1OC..x....it&W@it..."..=^MV..WA.$.....W...D6.....v.y...
....Pis..2.W:..^..........-.lx>P......3$CR...}.<..5*......f,vl]c
.i...k...xN.|>o6......P......z..p8..cv.....o.....&..m.c....IEND.B`.
....
<<< skipped >>>

GET /maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/images/loading-install.gif HTTP/1.1


Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/gif
Date: Mon, 02 May 2016 10:54:53 GMT
ETag: "54f07a03-1ef8"
Last-Modified: Fri, 27 Feb 2015 14:06:59 GMT
Server: nginx
Content-Length: 7928
Connection: keep-alive
GIF89a..........DCD...:::.........qqq............555...zzziii}}}......
.........aaaQQQeee...%%%.........VVV...lll...............,,,...YYY...)
))...uuuJJJNNN!"!...]]]...101.................................\[\.....
....#$#KLK.../0/KKK[\[`_`...GGG'''...???............///......ccc...sss
ddd```...###.........SSS...777...VVV...888...xxx...............{|{{{{g
hg............kmk444XXX......OOOWWW...222...333!..NETSCAPE2.0.....!..X
MP DataXMP<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c01
1 66.145661, 2012/02/06-14:56:27        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http:
//ns.adobe.com/xap/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/s
Type/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Macintosh)" x
mpMM:InstanceID="xmp.iid:C7B15D6E6C0511E4901AB7B77D879212" xmpMM:Docum
entID="xmp.did:C7B15D6F6C0511E4901AB7B77D879212"> <xmpMM:Derived
From stRef:instanceID="xmp.iid:C7B15D6C6C0511E4901AB7B77D879212" stRef
:documentID="xmp.did:C7B15D6D6C0511E4901AB7B77D879212"/> </rdf:D
escription> </rdf:RDF> </x:xmpmeta> <?xpacket end="r
"?>................................................................
..................................................................~}|{
zyxwvutsrqponmlkjihgfedcba`_^]\[ZYXWVUTSRQPONMLKJIHGFEDCBA@?>=<;
:9876543210/.-, *)('&%$#"! .................................!.....
<<< skipped >>>

POST /421b2534e5da9f1c66c5553e41e2f1f744c7fc7e05821a6cd1040bda26aab4cb003c32a7a02ece05566385c9b3de63d75666b26671ba234b HTTP/1.1


User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36 2 R:-842150449
Host: api.playerfilemagno.com
Content-Length: 3046
Cache-Control: no-cache

cdata=86394263D6DED7AD3ED013DFEF7E64F6137A208FB1ABB3F74C63F2DAA19383D3FD1D608CEFC8325742961BFA23E787C053B8D6AD3DD461FCB0B26CE7A08C38A5D6DB823BE60CB284611998991028BE38C4EF69891E674B1B8B220BFB20BAD163FFEDA11648DD04F847C1B242EC415E48225CBBD8B904AF067D156766B526CCBE7C5A0D883E951EA5AD000DEB02A60D93678FFFE2322BC8AD739A7AB9B51737C7FCC38F6F410FB8D3B4753849708686BFF9C9343E75012989C36176873B7E25362B1BA2E29360D193FAB5730126C8D2D2889FD7524B2111D39E983772719C542D6AA951AE9D141F6084CFAEC21F22E678D95AB059FC41F2F98A43A1DD7769AADE8192691294481D0B45719CD3F02F78DECE1EA0159A6F69BB138B70FA334D4C0D54C7EF9EE605676960741C8F48E00972E734B51E2F99BC67F8C698FC2D60C5CCEA7B2507864D40E138D6BBBF84B68B18741D96922E23A26901FE76814138F50B98BEEC623F7C169FEBA6439CC43D3EC2AC5BEA067B76DC321CB8BB666BC2A36584C42DE6F33391CECF18F238040093965729862D1B85C9FF285B2B669A98FCF3856FF943FA2A6B1B0F9DC7DE9CB4986C3AFB0A9ADD63E597842DE732922161ACEEAF18DC71E45223C7090365C7DAFC2B1F632D8FC31D47E76580C5B9CFB3DEAD0AC452B9FC8BE37728EA8035F6A0457715BB8D9EA01E4E46B763267561C6A79D09E43AD11BBF375E662C6F0975B0C4B8F03E2B6EEF971E21D1D91CBC9AD18C163BCE87106EA77D11D75821C48779F1C7C6B5D1E54B3B31FCC9EE0E46E4003611C2461043054AA4F13CBF5593440E5D3
HTTP/1.1 200 OK
Content-Type: text/plain
Date: Mon, 02 May 2016 10:54:57 GMT
Server: nginx
Content-Length: 7
Connection: keep-alive
MAXTHX.HTTP/1.1 200 OK..Content-Type: text/plain..Date: Mon, 02 May 20
16 10:54:57 GMT..Server: nginx..Content-Length: 7..Connection: keep-al
ive..MAXTHX...



GET /8c/JFileManagerSetup.exe HTTP/1.1
Accept: */*
Proxy-Authorization: Basic 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Host: dybraso4svbl2.cloudfront.net
Connection: Keep-Alive
Cache-Control: no-cache


HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 2229214
Connection: keep-alive
Date: Mon, 02 May 2016 10:54:54 GMT
Last-Modified: Tue, 12 Apr 2016 12:07:07 GMT
ETag: "ca04007495aae5057da274a53a338ddc"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 8a4d4882753d62d900bb1b7541308eca.cloudfront.net (CloudFront)
X-Amz-Cf-Id: k6JrRMBP4vPmSERmIFSs4fmTn5s2oREpuI23NujsvNyOgHQ83meSGw==
MZ......................@.............................................
..!..L.!This program cannot be run in DOS mode....$.......1..:u..iu..i
u..i...iw..iu..i...i...id..i!..i...i...it..iRichu..i..................
......PE..L......K.................\..........<2.......p....@......
....................................................................s.
......................................................................
................p...............................text...ZZ.......\.....
............. ..`.rdata.......p.......`..............@[email protected]........
[email protected][email protected]
rc................v..............@..@.................................
......................................................................
......................................................................
......................................................................
......................................................................
...............................................U....\.}..t .}.F.E.u..H
.....>[email protected].>[email protected].
P.u...Pr@..}[email protected]... M.......M....3.....FQ.....N
U..M..........VT..U.....FP..E...............E.P.M...Hp@..E...E.P.E.P.u
[email protected]}[email protected].}.j.W.E......E.......P
[email protected]@[email protected] [email protected]..
.\r@._^3.[.....L$...>B...Si.....VW.T.....tO.q.3.;5.>B.sB..i.....
.D.......t.G.....t...O..t .....u...3....3...F.....;5.>B.r._^[..
<<< skipped >>>


GET / HTTP/1.1
Accept: */*
Proxy-Authorization: Basic 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/html
Date: Mon, 02 May 2016 10:54:46 GMT
ETag: "54521356-38"
Last-Modified: Thu, 30 Oct 2014 10:30:46 GMT
Server: nginx
Content-Length: 56
Connection: keep-alive
<html><head><title>ok</title></head><
body></body></html>HTTP/1.1 200 OK..Accept-Ranges: byte
s..Content-Type: text/html..Date: Mon, 02 May 2016 10:54:46 GMT..ETag:
 "54521356-38"..Last-Modified: Thu, 30 Oct 2014 10:30:46 GMT..Server: 
nginx..Content-Length: 56..Connection: keep-alive..<html><hea
d><title>ok</title></head><body></body&g
t;</html>....


GET /cdb296f33090dd30dae28e7cfd8cbc62cde02ff93c78b5e5d7801b144efdbe60344d06f76356b8790015602e2b9506715c022e588010a1757be0e42bbb4fb13370b435da073f73da74f062291d6cb9a8f40db64ad237ea1a848227c8d8a26cd6e1d433dff6589e89 HTTP/1.1


Accept: */*
Proxy-Authorization: Basic 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Content-Type: text/html
Date: Mon, 02 May 2016 10:54:49 GMT
Server: nginx
transfer-encoding: chunked
Connection: keep-alive
2253..a037696523f4928de6abd9a7ce9b5c848bc3b9f8052c3069aacef6e6711c6227
d2e83b0c664b23a5574659cbc2c0c360b8393c202f343cca054a40cd9e44cc19d51004
fff17552e9f41f0cc17b4de7948f3c1a2f944b47176ed47e23238e4cb9aa550a6f389e
29e22af7e093653bbd24df616397535afe901a339bbbf55aaace1cc4b929105cc81468
76f7f8f72c3d8b9b240e9bf86a7124d7e43985dd6edfa47603bc19243800a596254702
d358ba9706f9545abb5580dadefb4041c054fa3308d5ff28f7711ff9eec389b74f399e
15a203bce4524f0051eebeee57be0dac721fc8fe7945aadf85e289a28257abc001bb70
8c2066dd4f3733c7cb5bd5823ab0b9330aea25b9cf67a2f18d2a9cddbc2d640eb40a91
caa1d86abbedfc5a583773310be512979b38d2d6c1aa523133d3cd6a0691ba3e7fb6a2
c5571ca53a9cc0f499a3171a6c445451b5bfaee6559869e5fabe82991b77299a274a13
5507dadcb52fb7ef9be7b4566023ac1cb3eae83e50dcff3a64035e6f746f7602609703
b4e5ebd9c3dd4f2732ed2e23799f357d78a34fc1ceafdf598b03116602d0286719fb86
27863d0f24488fabf04e3eaab100ac9fdbf43a525c31088d94208a9b917d41ea6832dc
670e0173de6fff914f757581652e5da872804450c7b972a09a7398d77f87d20b0e2521
797a51e70a10faa38d6cc114708a2fc938552e67ce4a9b99477fd4f91d474411172845
f9e5364ec04aa60ad1258133af7a7ba3ba3eaa376fee56e59d28d752da4040450fbff0
d26acd3c7a62df0cd17a2082f3e08b195d76352a14d2e22cc86cb4f54fa45633a1fe5c
fca4712fe6f48a15b74c8184ebfce488e04215bbf956aa6e22a5aa08ff4fccc52235e4
dabe0fcb136957895a6f806dd99e657aa0d6ac4216dcbb0dc4ca6cb02636d5cb6c6cd1
dd8e2c09591743394e91ade761a4f2c13933eda50598f7aaf748265644b75db68cd8d3
d9e9941ba4993119c5637308a1e65078d35739440476dd8bcc29361483f2e1b092883e
796f1370701d0c9ba1e4841977857dbcb9b6306f4988541dd559bc5ed137e94539
<<< skipped >>>

POST /9533ea2e80c624b747e0611d49beaa086ea42e938009f868d86701dc2d7eb1186fc5e61aa7b61b17a313011b5ddd450a81e111041d142b88 HTTP/1.1


User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36 1 R:-842150450
Host: api.playerfilemagno.com
Content-Length: 2630
Cache-Control: no-cache

cdata=86394263D6DED7AD3ED013DFEF7E64F6810202E9866DC605C250CECCD7CB22F9686417E27FE9F67D358BFE17ACB1D241180ECC39589A1933488922E01AA18B5990C77361D300FD3F93ED09E2CB744C97B804FC5436AE22A9F5722F00091BD76000B9B8EAF5890BC34CC270795D90185A0E59CBC1D6A7E94CECB6C8B8591A04A0E89D21943A2D3897FB5937D126B51DD52311B5DFDF579EBDF3EA00D1777CFF228CD3F71106FDC8F6DB041CDA66C92B08C2A95630B5CA33E93BB2217A2D18F7CF404C23B7AED91192CBE8ED0F8AB999600DE61CB9496FE7ABB901B20B2A34EC17B64BFF3D5D6095729D51340C5E425E2FAEE976E0EBB8115F8967C22CBC501C748E3CAAE88DBCA21D11211C514A31D4DDC987E1D99EB50707B055EBC176ADF9CC29D8A4EB1DC027550A5C248040D808DAEDC42C9230ACF19FB7EEAF46DC871570F1970C0C4541DFD514561040695D334873A29807106A37D0E1DD6D1FE96ADD83765E1444F495C20360A68EE6D6206B4F2DBB52D6F394D4C1B04699FB7724F92A80BCBCD2CD00806D260887496AABAE0753FBFD1E50ABB429D68508DC7146B39B1C2559C23B94C956400599DA8EE7A46E2EE7FEE6C9E8304AEA8DF35988B6E6CC923284410F2BA7BD824626B7DE572876ACD07D1FB5FB25821C722261C13A3150C4D79C69FFD8CA5745B02D621E85ABBBAEB3BECB8E9C8079EECA52C2C2AFC1D35528B05E69ED556912E26BC16A7878B7F0D80D31FC3F77CDD37E83E11E5CB9488111B9DA71FCAAB83F540C61216F302D437FFAEF8D47113EFE18303A11D879449F3EEC25F49616C335145862DD53F6E
HTTP/1.1 200 OK
Content-Type: text/plain
Date: Mon, 02 May 2016 10:54:51 GMT
Server: nginx
Content-Length: 7
Connection: keep-alive
MAXTHX.....


GET /__maxpower__/render_template/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab?language_code=en HTTP/1.1


Accept: */*
Proxy-Authorization: Basic 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Language: en
Content-Type: text/html; charset=utf-8
Date: Mon, 02 May 2016 10:54:51 GMT
Server: nginx
Vary: Accept-Language
Content-Length: 2403
Connection: keep-alive
..<!--Template VideoUpdater-->..<div class="container">.&l
t;div class="videupdater">. <div class="minimize">.  <ul&g
t;.    <li><span id="_Bminimize" onclick="minimizeWindow();" 
class="button-min">-</span></li>.    <li><span
 id="_Bexit" onclick="onExit()" class="button-min">x</span>&l
t;/li>.  </ul>.</div>..<div id="_frameContainer" cla
ss="content">..  ..</div>...<!-- buttons -->.<div cl
ass="buttons">..  <!--botones derecha -->.  .  <input id="
_Bnext" class="_Bnext grey right" buttonText="Next" tabindex="0" type=
"submit" value="Next »" onclick='onAccept();'>.  ..  <!--b
otones izquierda -->..  .  <input id="_Bomit" class="_Bomit norm
al-close leftnowidth" tabindex="3" type="submit" name="nombre" value="
Skip All" onclick='onOmit();'>.  .  .  <input id="_Bdecline" cla
ss="_Bdecline normal-close leftnowidth" tabindex="1" type="submit"  na
me="nombre" value="Decline"  onclick='onDecline();'>.  ..  <div 
class="clear"></div>.</div>..  ..<div class="contact
">.  <div class="contact-in" style="height: 20px;">..    <
ul>.      <li><a target='_blank' class="first _TitPrivacy"
>Privacy Policy</a></li>.      <li><a target='
_blank' class="_TitSetup">Setup info</a></li>.      <
;li><a target='_blank' class="_TitFree">Why is this free?<
/a></li>.      <li><a target='_blank' class="_Ti
<<< skipped >>>

GET /__maxpower__/render_screen/2014/11/8b9c3fb4-73d0-11e4-925e-06a3579b0dab/screen_variation=videoUpdater HTTP/1.1


Accept: */*
Proxy-Authorization: Basic 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Language: en
Content-Type: text/html; charset=utf-8
Date: Mon, 02 May 2016 10:54:51 GMT
Server: nginx
Vary: Accept-Language
Content-Length: 961
Connection: keep-alive
..<!--Intall Videoupdater-->..<div class="install">..    &
lt;h1>Installation Progress</h1>.    .    <p>This Downl
oad Manager will minimize to your system tray shortly to allow you to 
work on other items while your selections install. To restore this win
dow, simply click on the icon in your system tray.</p>.    .    
  <div class="install-loading">.    </div>.    <div cla
ss="progress-bar">.        <div class="_TotalProgressLevel progr
ess-level" ></div>            .    </div>....<div cl
ass="clear" style="height:10px; display:block;"></div>.     &
lt;div class="_ProgressInstallingText" style="display:none; text-align
: center; margin-left: 45px; width: 422px;"><p>Installing ...
</p></div>.    .    <div class="_ProgressText" style="d
isplay:none;  margin-left: 33px;">.        <p>Process: <sp
an class="_ProgressTextDownloaded"></span>  of <span 
class="_ProgressTextTotal"></span> (<span class="_Progress
TextPercentage"></span> %)</p>.    </div>..   .  
 .</div>.....



GET /BesH3gE9/pop-up/ HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html
Date: Mon, 02 May 2016 10:54:53 GMT
Server: nginx
Set-Cookie: lpsl_BesH3gE9=344109fef83e0ec27339e16b78234e08 1462272893; Path=/; Expires=Tue, 03-May-16 10:54:53 GMT;Domain=VVV.playerfilemagno.com
Vary: Accept-Language
Content-Length: 1080
Connection: keep-alive
...........V.o.6.._..!.IN&...... s:[email protected].$.$e.-..{.d..]l f.0}.
{.;.w...\.>....5..4Ao.....1.6!....\O..._&7o..4.D.L.*..M.y..Fx.T>
 d.Z9....=..A.5......v".P.xdx....$.......W../...0../B..D. ..9..b..,..V
V...|L.\0...0I..$q..l9..G..<G..F.l.?A..;...gK......Q..\..E.........
.>.N.S..I.M{..v:....{~>k.O....n.kw...&..ga...0..m7....g....C.."Q
.#E.=S>.J.D..:=.JO.*a`.~.._.S.....Z|*.X.....I....^......f..x..1....
=."`.T.jFhz.Q0.BB..'?.=....;.m...m .n......ANKwB.........XR....@>..
.P-.'.\..'.o..................).g.ey\`bb.....Y.nbM.B:.<7.%...{...M.
....j.D...*.....V.....@D.!.$.A.Bc.....B....L.i.h....J..!....3...A[K...
Lw..x.p..g,....4..5.......Y:.3.Dg.\D]..uS.:)...d.p......a...A...n}j..K
T.R3.<;p. ......wL.S..o.L.q$.\..l,.g2.9.V1....pT....f.......:R.3..y
...Zj.Q......m....4.F....F....x....Q....#.C....d.N.....aw..\'0.v..r.N.
....{.fw."...^?...E7.Z....w..i..Q..C..%:dk.!..DJ.6. ..:......4.sYn....
.jZ......8xx.[H...T.T........J./..q..47.<.n.....MSv..V...l.v.~.....
......7..)<..._......G......,.s.j|.kGO.jjLx.]xe...2...9rg6....L}...
...4..`VdE.4..ChOJ..2....K.'..~_.B..{.7...|}.W.K..7............
....


GET /lpresources/js/linkv2.js HTTP/1.1


Accept: */*
Referer: hXXp://VVV.playerfilemagno.com/BesH3gE9/pop-up/
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.playerfilemagno.com
Connection: Keep-Alive
Cookie: lpsl_BesH3gE9=344109fef83e0ec27339e16b78234e08 1462272893


HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Mon, 02 May 2016 10:54:53 GMT
ETag: "280056-d84-4feef24b01140"
Last-Modified: Thu, 24 Jul 2014 11:56:13 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 1358
Connection: keep-alive
...........WYo.8.~..`.ELV.|...q. M.........AIT,D...r....;$E.Ns 0,..|sr
f.Ty$."G.4..L...[&.T........B;.Q^......}..a...?.c.&h6.N..P...\.... 5.S
..9......5.)..R..xQ.1Vb.......V.A........>:[email protected])..:.[....w4....
.Q.e..".\..!)..h.^......;..M......n....P.>....^ zBQ...Y.kq^e...L0..
"...c...R..7Y..Jd..1pc....BO82.......l.r&"Z.....B!y..Z......i...?....9
..5..gED.. .|T.=Qf.....\.V..O..C../x....M..l..z.."W.B.a..rh..,...'.?..
.?.L...c.N......5.A.."...u*..........?\..2W..q.......h..mb`Y.1...k..i.
w.8K.;.3.,e.e......2T..FtS..K......7"..,*e.&.e.W.%v......=.L.....\.'.{
......D9.U...s.-... ..JD..U.0pHqwV..;8Y5A....G.........T/.?~.w..A.aI..
.\i.}P.@k%<.G.7......%u2..0.....3.(.H%.......P?1x:n...=.:...m...v2.
.w.....Go..tj.(-7.K. =Y.4.>.........7.(.w.q ... i..Lt/.....W.....T.
..)..W.."Y...`..%..,...........tW..8.C.A2.,8(...j..../.B...x.S..u..X..
..f..=..U8......vLc. [email protected]' E..A3.....t......-.yhZ)..6.`....o%....
.....'.Y...u...c..&....... .Q.9.....Vm.mW...h..W...C.w............'...
r.(.t).j......L...9.j.Uc...QBa9 ..3gPJ.WJ.]xj..!M.<....U......_....
.K!0...Ea..F...J=..`.6R.a..V..,cj . ..W..h.i........T....T_.l[.....i.u
..VL.u.AE..CR..n...l......y..}...1..5.................O...`'.MW8c...|.
. x...{.t..........}_...^..&...?[..9Y|...g.-..._.....h.G~.....i1...b..
...&.:.j..9.g.]B]..}..K>......{.7.aNqtMWD.6.0g.......0..z...PghuR7.
.}..f.y./.p-.%T.n.......xN.j.[.Q......h}e.........
<<< skipped >>>

GET /lpresources/js/ainj.js HTTP/1.1


Accept: */*
Referer: hXXp://VVV.playerfilemagno.com/BesH3gE9/pop-up/
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.playerfilemagno.com
Connection: Keep-Alive
Cookie: lpsl_BesH3gE9=344109fef83e0ec27339e16b78234e08 1462272893


HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Mon, 02 May 2016 10:54:54 GMT
ETag: "185921-0-4f9c38966d780"
Last-Modified: Mon, 19 May 2014 16:48:46 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
........................


GET /lpresources/js/dlStoragev1.js HTTP/1.1


Accept: */*
Referer: hXXp://VVV.playerfilemagno.com/BesH3gE9/pop-up/
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.playerfilemagno.com
Connection: Keep-Alive
Cookie: lpsl_BesH3gE9=344109fef83e0ec27339e16b78234e08 1462272893


HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Mon, 02 May 2016 10:54:54 GMT
ETag: "180b8a-1a57-50572ea11d0c0"
Last-Modified: Wed, 15 Oct 2014 09:39:55 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 2010
Connection: keep-alive
...........X[o...~v~...H:q..X,...]d..]t/i.A..b.P.(.F.]..c....!.....p..
.....\...K.Y..P.......b..c.........\3 J..2o-e.*!.....Ur....S>..(..^
....Z ...i..Z...Z.^.(b.}&.....O.$.:.:.....c{D........K.,.....WH.{C..}.
...2 n..Q..~[$p.1..C/<8.....EZ:_..'..@/.#...ud,K.T....J....i|....3=
.....N.!.nY@g....~...~j..i..jj..m.D;l.94.h.$A..9..n.Vp?.X.O..&...."...
....mch....'L..[m...m...XfR......G9(.....BVq....\....G..1....V[.......
......%....H<[email protected]@....[.. .fZ8Ie...Z..%Zdy
[email protected].~-..X?[O.Y.i{.K: L.....D......-......... .k.......r.6..
... v.5X..l.O..F...9..-.O.....5^.L.i..<Ip..O.....~...,...>.2/...
H.R .v..2....R*}:....X.......p2i..b..^.......tW.y...).'....H.......E.)
.Bx].......p.....9.c]...V....w..(. $D..uc..\.&OFv.2.>%.yf..!B.V4.).
..~k..db...Z.......}.....&..^...{cGzV.V...yv:..^....vQ..`[email protected].
.......h*[email protected]{h./.HpF.).T......i.......3u.'...fK..j.OY.
;!3 .N.'Fw1.....7..W..}"..n.ax[,y.%.. .......X%wf. .O...s...'...g7..9'
y.V..y.\O..3...,.-....H.q..........AM..;..L.8B`.3.......X.J.0..m....)1
..b-.w...j.!..oi...f..R'......-U]8.y. 0.*....0J..M...@.&.}............
..IR<...G.J.)I...G.......l.....I.sU....I..}{8...."HQ.....- #.......
...Q.TL.%"^.h=..cX.r.7.{,......o#,.Ho...*.i...A..*...........2..mh{Ws.
3.3.:..N.-...C#WV.[..I.c.J..`...{8....Dw.....x.................../.E_C
l7?....C<....a..Qg.V.p.....\.=.......w?.9.qno..%o....'..z..s(..)...
...p.v...}kw..*a.T.1...5.S.K]*......58....B..O$M.C.`.............a.h.q
...0... jV.....C. IS.].......8_.l..h.....mP.6j....b.1...~.e...DV..
<<< skipped >>>

GET /mh/53a811d55f1c1e744b000002/2307c835-660a-4bd8-a3df-031d9af89e85/53a811d55f1c1e744b000002/default/media/js/jquery-1.11.1.min.js HTTP/1.1


Accept: */*
Referer: hXXp://VVV.playerfilemagno.com/BesH3gE9/pop-up/
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.playerfilemagno.com
Connection: Keep-Alive
Cookie: lpsl_BesH3gE9=344109fef83e0ec27339e16b78234e08 1462272893


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/javascript
Date: Mon, 02 May 2016 10:54:54 GMT
ETag: "53a84f60-1762a"
Last-Modified: Mon, 23 Jun 2014 16:01:36 GMT
Server: nginx
Content-Length: 95786
Connection: keep-alive
/*! jQuery v1.11.1 | (c) 2005, 2014 jQuery Foundation, Inc. | jquery.o
rg/license */.!function(a,b){"object"==typeof module&&"object"==typeof
 module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.do
cument)throw new Error("jQuery requires a window with a document");ret
urn b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){v
ar c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=
h.hasOwnProperty,k={},l="1.11.1",m=function(a,b){return new m.fn.init(
a,b)},n=/^[\s\uFEFF\xA0] |[\s\uFEFF\xA0] $/g,o=/^-ms-/,p=/-([\da-z])/g
i,q=function(a,b){return b.toUpperCase()};m.fn=m.prototype={jquery:l,c
onstructor:m,selector:"",length:0,toArray:function(){return d.call(thi
s)},get:function(a){return null!=a?0>a?this[a this.length]:this[a]:
d.call(this)},pushStack:function(a){var b=m.merge(this.constructor(),a
);return b.prevObject=this,b.context=this.context,b},each:function(a,b
){return m.each(this,a,b)},map:function(a){return this.pushStack(m.map
(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return t
his.pushStack(d.apply(this,arguments))},first:function(){return this.e
q(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.le
ngth,c= a (0>a?b:0);return this.pushStack(c>=0&&b>c?[this[c]]
:[])},end:function(){return this.prevObject||this.constructor(null)},p
ush:f,sort:c.sort,splice:c.splice},m.extend=m.fn.extend=function(){var
 a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boole
an"==typeof g&&(j=g,g=arguments[h]||{},h  ),"object"==typeof g||m.
<<< skipped >>>


GET /sdb/e0/WebBrowser.xml?d715541a-bf4c-49be-a2d4-7af901ad6833 HTTP/1.1
Host: staticrr.fastplayerpro.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 May 2016 10:55:05 GMT
Content-Type: text/xml
Content-Length: 4334
Last-Modified: Wed, 13 Jan 2016 11:17:51 GMT
Connection: keep-alive
ETag: "5696325f-10ee"
Accept-Ranges: bytes
<Popup>...<Version>1.0.0.10</Version>..    <Enabl
ed>true</Enabled>...<Size height="768" width="1000"/>..
    <FrecuencyPerHour>4</FrecuencyPerHour>..    <MaxWin
dows>4</MaxWindows>..    <LaunchDate>07/01/2015</Lau
nchDate>..    <Url container="popup">hXXp://redirect-wb.com/&
lt;/Url>..    <UrlRedirect>hXXp://redirect-wb.com/</UrlRed
irect>...<UrlNotAllowedCountries countries="AE,IR,IL,EG,CN,BA,RS
,TH,IN,CZ,ID,VN,PH,PK" container="popup">hXXp://network.adsmarket.c
om/click/jGJunWecqZmOZnCXYcp6w4iQa5xgn36bi2SYm2Gif5mJkGqXXpt-lbdia5hhn
3qX</UrlNotAllowedCountries>..    <UrlByRegister>....<U
rl container="browser" key="HKLM\SOFTWARE" priority="5"><![CDATA
[hXXp://n149adserv.com/ads?key=8a35d9a5b93c671dcef88419ab81871b&width=
0&height=0]]></Url>....<Url container="browser" key="HKLM\
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client
" priority="5"><![CDATA[hXXp://n149adserv.com/ads?key=0d8448124f
556ffceee148f60ea374f6&width=0&height=0]]></Url>....<Url c
ontainer="browser" key="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion
\Uninstall\RaidCall" priority="5"><![CDATA[hXXp://n149adserv.com
/ads?key=0d8448124f556ffceee148f60ea374f6&width=0&height=0]]></U
rl>....<Url container="browser" key="HKLM\SOFTWARE\Microsoft\Win
dows\CurrentVersion\Uninstall\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" 
priority="5"><![CDATA[hXXp://n149adserv.com/ads?key=0d844812
<<< skipped >>>


GET /maxpower-static/templates/2014/11/71be70f4-73cf-11e4-b71d-06a3579b0dab/css/style.css HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: api.playerfilemagno.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/css
Date: Mon, 02 May 2016 10:54:51 GMT
ETag: "54f6e242-4a5a"
Last-Modified: Wed, 04 Mar 2015 10:45:22 GMT
Server: nginx
Content-Length: 19034
Connection: keep-alive
/* Template Template Videoupdater */...article,aside,details,figcaptio
n,figure,.footer,header,hgroup,menu,nav,section {..display:block;.}.p,
 h5, h4, h3, h2, h1, span, ul, li, form, input, textarea {..margin:0;.
.padding:0;.}.body {..margin:0 auto;..background-color:#323333;..width
: 555px;..height: 458px;..color:#b5b5b5;..font-family:Arial, Helvetica
, sans-serif;..scrollbar-face-color: #666666;..scrollbar-highlight-col
or: #999999;..scrollbar-3dlight-color: #333333;..scrollbar-shadow-colo
r: #333333;..scrollbar-darkshadow-color: #333333;..scrollbar-arrow-col
or: #CCCCCC;..scrollbar-track-color: #333333;.}...videupdater a, .vide
updater span {..color:#b5b5b5;.}...clear {..clear:both;..height:0px;..
overflow:inherit;..display: none;.}..li {..list-style: none;.}./******
***************//*********************//*********************//*******
**************//********./* estilo para poner los botones del box.html
 todos en display none */.._Bnext, .._Bexit, .._Bdecline, .._Bomit {..
/*display:none;*/.}./*************************************************
*/..container {..float:left;..width:555px;..height: 458px;..background
-color:#323333;..margin: 0 auto;.}../*****************Template Win_Lin
k*****************/......minimize {..float: right;..width: 45px;..posi
tion: relative;..margin-right: -45px;..right: 45px;..margin-top: 12px;
..z-index: 9999;.}....minimize ul li {..display: inline;..float: left;
.}...minimize li {....float: left;..}  ....minimize .button-min {..col
or: #636363;..text-decoration: none;..border: none;..font-size: 17
<<< skipped >>>


HEAD /8c/JFileManagerSetup.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Host: dybraso4svbl2.cloudfront.net
Content-Length: 0
Cache-Control: no-cache


HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 2229214
Connection: keep-alive
Date: Mon, 02 May 2016 10:54:53 GMT
Last-Modified: Tue, 12 Apr 2016 12:07:07 GMT
ETag: "ca04007495aae5057da274a53a338ddc"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 ffaf96eee86cf7d96c222b2f54e79b63.cloudfront.net (CloudFront)
X-Amz-Cf-Id: cU7ORbOnXfgEtN28LOyWKk3jWqf1hGw_GjMpgoiBRHUWaxSSj-S85g==







The Trojan connects to the servers at the folowing location(s):







%original file name%.exe_944:




.text
`.rsrc
u%Shh#Q
@t-9}
NSSh:
FV<.tN<[tJ<\tF<*tB<|t><^t:<$t6
J!"#$J%J&'()*J ,JJJJJJJJ-J.JJ/0J1JJJJJJJJJJJJJJJJJJ23JJ4567JJ8JJJJJ9:;JJJJJ<=JJJJJJJJJJJ>?JJJJJJJJ@JJJJJJAJJJJJBJJCJJJJJJJJJJJDEJJJJJJJFJGJJJJJJJJJJJJHJI
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\atlmfc\include\atlexcept.h
HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0
kernel32.dll
%System%\drivers\vmmouse.sys
%System%\drivers\vmhgfs.sys
%System%\drivers\VBoxMouse.sys
sbiedll.dll
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xdebug
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\streambuf
SELECT * FROM Win32_BIOS WHERE Manufacturer LIKE '%XEN%')
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\atlmfc\include\cstringt.h
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xlocale
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xiosbase
Software\Microsoft\Windows\CurrentVersion\Uninstall
Software\Classes\ProcMon.Logfile.1\shell\open\command
IsWindowsServer
hXXps://ssl.google-analytics.com/collect?
PPUXXXXXeow}9FR]^hv%(49FTXcoss}",06=D
KX______mqq} 7@HW`mmuw(3ADKWX\_hiu)FQ^
OZammmmmr!'6DKOUdpx{*9@LUaov{#%* -/4CMMX
N[^aaaaalq" 6=BLSWWetz'FLW^aoorrz#).12
IVV^^^^^^ahmu"#.2<IOOTcpy **9<KSUU\ffu! 
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xlocnum
LZ]`````gq"'07;BETbmr{}(489=IX]hkkv #*7;IOS`cqw} :IJYccqy*8GN\gnx&448EPYfly))8ESbiqq|#',04ANPWer}(DOYagn|*1<<EOOVbcgptz{#)8BKOOPS\er{#
DMMZZZZZ\acpz)-:;ABBQYbiuuu *02@@NZZds $ICKZZ[\goov{(7CLV[_dpw(135<EPX
EHKPPPPPXcrttu!..26@LN]fs$%(4;CN\imx!((1:EJP\adp| "(333>GR_co}&(.7EGLS[e
KY[dddddgty"'--<IKWWaghllt|}$08<DKPR\kwFRZ^aopvvw},;>AIR^js#%.<EPQ\hs
FGGLLLLLS\_fpw&)7=KPY[elx} LRW_jjmmy&*34568EQ_io|!.=@ITZfl{}}%$9:==ELOV]dopru}#2?KSWYbgjlvy{#-/=>DJT[ixz|}!%) 8=EPX_clu{|-9<IPQ_eers
CLP^^^^^ggs|(-09AENWerw} /2=AP[`l{}##*7ESUW`my))3>?GLX[jlu{*8AGHWdqw|}),
ACESSSSSYcr!)4:GV`nttxy}}%*-57CRTXfoquv!'1@NNW[[ft%,-4=BMQ]fgp (.=BBJQTZ\ijsu //;>AJYefikr",356DFFSbiinyy%'4@NUWailtuw#00?MZ`jsvwy'*-03>IMMY\gghjox{)./4>JKR]`fq|*,0>LPP
EHKPPPPPWZdjnosw%''*6?ITY_nzz)FU\]llz(13AO[_lwx{(*2<IXfjjor|'  -11>CHJ
BJPPPPPPPVdeir"19;@FKQTcpw}$( 3BBEGKNR_mvyz!$,-1>CCPWfpuv}-8:@ALMMTbnw&*5?GRS^bfu%% :IKV[eo{)2AHV[`mx %)
BQS_____lmrsuy},9GRaprz$-:>>BNOZddintz$5DOW_m{} !"%%)0<>MP_ehw&02>>JJO
LTZ`````agkw!00:ETWYeqy$.09DQYhpuw%.1<EITX``hppu#( 5CFLQR`ky'6@KRTUdp{",
DEHIIIIIJM[bovv%* -:GJPY_nss!.8EIPY^gq"(44:;>KUZ]jt{ 19GKTcpv$,,6:@FP^_e
JUUXXXXXZdqss},0<DIM\cmn|'0;EKZ_gu9DP
()$^.* ?[]|\-{},:=!
DMMZZZZZ\gjoz&1<JWYep!LCLOQ`lxy{"0?AFTVelttxy"19?JNQZ\bp %&&46<KZ]lpv!
KNQSSSSS`kv"#,1:GKW]bqt}%/6<JLZ]aijjjx$29BNV]_gv#-5ALUbfopr}!,;IXdhw%%-3
NOSXXXXXesy(4CKOPP_ehllx".<@NXbhnwy{( -9HTUWao} -<IIP_jnu}}%)/8?NV^fn}(6
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\locale
invalid _N_type: %d
L[\kkkkkmv&DOS\gt $-156AHHV\ftww %).58
GOORRRRR\iqy|	DP\`nw(11<JU[dgjlmz%*/15
O]`iiiiis$-8>LUamny}-6CHLT\fjqz!!"$-8GMWYZbio}'4<FO\_cn|#/14@DMS_jw} *2:
JPR^^^^^go{*9BNSTU_nsx#-1@BOS`dpx',/9DFTanquy!!#/=@DEETcegvLRaddmo}(69
AADDDDDDPQXZiv%2@O^jw')/7@N[ahp{(/9AOO[ikw|!!*7?MNTadrz(7BPUZabnz&0?CRTU
DRSYYYYYbm|#%,/;GMW^cknrs!%,;HOTbgt|*.1?DLNQX^^lrw7FHO^hmv )3=DKPTV]bg
LSYeeeeeikoy{$8DPUVZ\cgsw|"%)6:HUbovw{
OQQ]]]]]aghkmqz'*-278<HV^_glp{{LIM[ht$
BEKWWWWW[[fmuz!,,.1=INRXbbkry (-7FFTV^mw'2?AIUdfu{}}-;CLSY^`fhw(  6?@DDHKSaeemw %%) .;BO\ablszz},2?EEIValp!/:?KOTYafu{&15:FQZfkox *-2>LRUcpx"/4==GLPXfq}"(8FRSXdiqs{&3
PYZ]]]]]^__ghkmz")345CCRTVbgr $..45>GRSXcksv}$(7>M[anp}#,/<JYahkoqq| 6EK
HRTWWWWWagn{$ ,.0<CHP[fkpw6DITYbovv%'))3BBMST`jw "0=>?BORR[^lry!'6;=KNRX_nw}%)22?IORSbfgjqr",55=INNW^alz",::GQS^ejtw}&/3AOQUXeky)3;CCMZbiipxx)7CIIWcpy((2>DGKLOQVWcpv{
AFFSSSSS`cmy)0<?JLRYddmrw(/6CJYajuy&5??AABKPUalp!$/>@AITWaao ,29DR]ceqvz&*6EQ\ddfiqw!-./>DIXfhuu99=HLPYagpw&57<CLY^ixz%(/68<@GLZccpru!.6=FR]^bisxx$$*78:=>KU_acdmsw}-9:AGQ[aot|-;?FU]^lv$&02:BJRSbks$$.9ALQR]emz{,0;AEFJWeeegkqy&5<AGJP_drx{,24@LXahirr#$''-::DGQT`loor!&2?MMMY[dest$07FMRafr"'( 8:<BCKT\``ls$(5=CQ[iry',/6DEKLX[ccrtt
GOSWWWWWeijy*24==GT`elyz|*-:HMV`bnv"'(33>CCQ_ku&-37FKP^grz&*6>LSZbio{(4>ADEMW^hit}.44BO]ghlw$19EGLSXcmvz(-/:HN\isvy'1;@HVekz#1@JJR\_hqz*8=ABHUdnu$,,1=DNZ\afkpw&(* 16<ALOP__nx{!% ,9CRTUcquw{{(.9AMZgkyz#)38GU`ny&35;GV_depy|#/;GR^hv!&/4CEQZ^jrx|&'0;@BDNU`jo}$124557EEFITWY[[\`dhks! 7@KRWYes{)4@BFMX`gkwz&29?HWX\^itx"06<?ACHHMPRUW`lrz}$1179=CCN\ks| :DJKNUdssw%&/=HS\ckkr %  9@NTXfhsw!-5?BPT]hv"# 88<<=IVXZZ`grz 228FGINT\bdn})-<HLPXfgjpz ',;?MWbpsw#)-66CERSS]cjssz"' .039<=IPU^llov$1233>LOX\fou|)**/8COSTbkvv&0:>MSWX[_`kqv}#$-36DQQQV`n|&4BMY`n{#(7?BHPXgu$/9HN[^`ftyz}})0;<@CDHT[fmn|!08?ET[^lw}.:=@OXbdgru| 3BKVV_cpxz 348FRVWeels!!*67<AJT^cft%))35:@EHUX\bgv$114=JYZillx(1=EP_iiw&18DGUVVbfguu|:FGLQZdnsv&599CEJPUXehllmmmxy*7AP\eovz 57:@KOOPXdlx&,334>EFM\jy| # :IXekm|'*7<AANSVW]ly)01=>>BOQ_do|!#19:=GGJJW[_cemwx)6AMNRVcfgnx$,;EEO]`o ,:CQT^gqryz
KW[bbbbblo{*-9;;CHLVcrt$$16BHIIKUZ_dehq!
KUZbbbbbqqx8FMMV]hjt")34ABKU_hijrx|(23AJKLXclv&1@CGQ\cdqyy$356?FOWZfu
HNNPPPPP\acpw!*69<>KV`er}'/07DIWap|,,4@LSbir}LJPRYft#&*18?GP\boqt!-1;=GRXgiv!#/367ER``jms#1:INYfiopy .
NetBase.cpp
BMRVVVVVdsv#$/>LUddego  /16;=DN]flq|,:IP^clox#,.:=HSXcefft|),7=BCRTZhp{ -4CFOXY`frx(((0>CRYckz#%%,2<JR^g
URL EMPTY
HQXXXXXXZefpw#-3BQW_iw{%&3?MW]ampy:GMR`lrv||#'-.;FKZ_gmv""##%%7CQUbekqs#%),5<BQT`dhls|-99=EPR`fnyyz 48@LLT]]gs|#)67CGHPRVVZ\eq -022:GPP^jt}"-;AKNOSVcoou ** .2=JWbkq} &*,/79FS`fhqq".8CHV]kz$&3BCLL
"url":"
ParseUrl
/Setup.application
hXXp://
urlc=
PictureEx.cpp
c:\logFile.txt
SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
hXXp://42e546f0ea2d40afa114ea020951ec9d:9538ea5acbbe4fc6b42811c415685653@
.cpp" ,
errormsg
Error opening key.
Key not found.
_virtualGetStringKey
_virtualcheckRegkKey
_virtualSetStringKey
_virtualSetDwordKey
SetStringKey
inflate 1.1.3 Copyright 1995-1998 Mark Adler
CWebBrowser2
0.0.0.0
mb_00000000-0000-0000-0807-060504030201
mb_09F005AE-AC9D-4FC1-AB7A-24004F6C043A
mb_01010101-0101-0101-0101-010101010101
mb_58585858-5858-5858-5858-585858585858
mb_4c4c4544-0000-2010-8020-80c04f202020
mb_11111111-2222-3333-4444-555555555555
mb_11111111-1111-1111-1111-111111111111
mb_00020003-0004-0005-0006-000700080009
mb_890E2D14-CACD-45D1-AE66-BC80E8BFEB0F
mb_8E275844-178F-44A8-ACEB-A7D7E5178C63
mb_52309712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_DC698397-FA54-4CF2-82C8-B1B5307A6A7F
mb_61F39712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_50FB9712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_93309712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_56F49712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_07090201-0103-0301-0807-060504030201
mb_03000200-0400-0500-0006-000700080009
mb_FEFEFEFE-FEFE-FEFE-FEFE-FEFEFEFEFEFE
mb_FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_00000000-0000-0000-0000-000000000000
CNotSupportedException
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\except.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxtls_.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olemisc.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winstr.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\strcore.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxtempl.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\afx.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\thrdcore.cpp
m_nMsgLast =
m_msgCur = {
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxcoll.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_s.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\elements.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afxtls.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occmgr.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occdlg.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appcore.cpp
m_pszExeName =
m_nCmdShow =
m_lpCmdLine =
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxadv.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winfrm.cpp
Warning: no message line prompt for ID 0xX.
Warning: OnUpdateKeyIndicator - unknown indicator 0xX.
Warning: scroll bars in frame windows may cause unusual behaviour.
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxpriv.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxwin1.inl
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxcomctl32.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wincore.cpp
Warning: unknown WM_MEASUREITEM for menu item 0xX.
hhctrl.ocx
Implementation Warning: control notification = $%X.
Warning: not executing disabled command %d
hWnd = $X (nIDC=$X) is not a %hs.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afximpl.h
CCmdTarget
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\cmdtarg.cpp
SENDING control notification %d from control id 0xX to %hs window.
SENDING command id 0xX to %hs target.
No handler for command ID 0xX, disabling it.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appui2.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appui.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appui1.cpp
Error: failed to load message box prompt string 0xx.
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxwin2.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winocc.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occsite.cpp
IOleInPlaceObject not supported on OLE control (dialog ID %d).
Persistence not supported on OLE control %ls.
%d. Column ordinal %d: Binding as native data type
%d. Column ordinal %d: Binding a COM object
%d. Column ordinal %d: Binding as an IStream object
%d. Column ordinal %d: Binding as an ISequentialStream object
neither ISequentialStream nor IStream are supported!
IStream is supported
ISequentialStream is supported
Testing streams support...
%d. Column ordinal %d: Binding by reference in provider allocated, consumer owned memory
%d. Column ordinal %d: Binding length and status ONLY
Number of columns: %d
f:\dd\vctools\vc7libs\ship\atlmfc\include\atldbcli.h
Unsupported DBTYPE (%d) in column %d
$@Column %d not bound
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occcont.cpp
Error: no data exchange control with ID 0xX.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dlgdata.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wingdi.cpp
m_ps.rcPaint =
m_ps.fErase =
m_ps.hdc =
lgpn.lopnColor =
lgpn.lopnWidth.x (width) =
lgpn.lopnStyle =
lb.lbColor =
lb.lbHatch =
lb.lbStyle =
lf.lfFaceName =
lf.lfPitchAndFamily =
lf.lfQuality =
lf.lfClipPrecision =
lf.lfOutPrecision =
lf.lfCharSet =
lf.lfStrikeOut =
lf.lfUnderline =
lf.lfItalic =
lf.lfWeight =
lf.lfOrientation =
lf.lfEscapement =
lf.lfWidth =
lf.lfHeight =
bm.bmBitsPixel =
bm.bmPlanes =
bm.bmWidthBytes =
bm.bmWidth =
bm.bmHeight =
bm.bmType =
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wingdix.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dlgcore.cpp
IGNORING command id 0xX sent to %hs dialog.
Routing command id 0xX to app.
Routing command id 0xX to owner window.
Warning: Creating dialog from within a COleControlModule application is not a supported scenario.
Warning: ExecuteDlgInit failed during dialog init.
ERROR: Dialog with IDD 0xX must have the child style.
ERROR: Dialog with IDD 0xX must be invisible.
ERROR: Cannot find dialog template with IDD 0xX.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winctrl1.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oleunk.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxole.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afxstate.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\objcore.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\arcobj.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\arccore.cpp
CHttpConnection
CHttpFile
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\inet.cpp
Unknown status: %d
Internet ctxt=%d:
Warning: throwing CInternetException for error %d
Warning: Extended error reported with no response info
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filecore.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filex.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appinit.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\auxdata.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olevar.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\arcex.cpp
WM_HOTKEY
WM_SETHOTKEY
WM_IDLEUPDATECMDUI
WM_DDE_EXECUTE
WM_KEYLAST
WM_SYSKEYUP
WM_SYSKEYDOWN
WM_KEYUP
WM_KEYDOWN
WM_VKEYTOITEM
WM_CTLCOLORMSGBOX
WM_USER 0xX
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afxtrace.cpp
Warning: Unable to unpack WM_DDE_EXECUTE lParam lX.
Warning: failed to reclaim %d bytes for memory safety pool.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winhand.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dumpcont.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_b.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_w.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_d.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_p.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_o.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\map_pp.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\map_wo.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\map_so.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\map_ss.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dlgcomm.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\bartool.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afxcrit.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occevent.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filemem.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\plex.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appui3.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olelock.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winutil.cpp
Warning: Shrinking safety pool from %d to %d to satisfy request of %d bytes.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\list_p.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winmenu.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxcmn2.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winctrl2.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxcmn.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledisp2.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oleinit.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\arcstrm.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oleenum.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\apphelp.cpp
Error: failed to load AfxFormatString string 0xx.
Error: illegal string index requested %d.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dlgtempl.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filetxt.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxmt.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filest.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dumpout.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\fixalloc.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledisp1.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olecnvrt.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olemsgf.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occlock.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olefact.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledobj2.cpp
a %hs object at $%p, %u bytes long
an invalid object at $%p, %u bytes long
faulted while dumping object at $%p, %u bytes long
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dumpinit.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledlgs2.cpp
m_bz.hTask =
m_bz.hResource =
m_bz.lpszTemplate =
m_bz.hInstance =
m_bz.lCustData =
m_bz.lpszCaption =
m_bz.hWndOwner =
m_bz.dwFlags =
m_bz.cbStruct =
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledoc1.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\list_o.cpp
f:\dd\vctools\crt_bld\self_x86\crt\src\_tolower.c
f:\dd\vctools\crt_bld\self_x86\crt\src\locale0.cpp
f:\dd\vctools\crt_bld\self_x86\crt\src\xmutex.cpp
%s(%d) :
%s_%0x
f:\dd\vctools\vc7libs\ship\atlmfc\src\atl\atls\atlbase.cpp
f:\dd\vctools\crt_bld\self_x86\crt\src\dbgrpt.c
Client hook allocation failure at file %hs line %d.
Memory allocated at %hs(%d).
Client hook re-allocation failure at file %hs line %d.
HEAP CORRUPTION DETECTED: after %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory after end of heap buffer.
HEAP CORRUPTION DETECTED: before %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory before start of heap buffer.
CRT detected that the application wrote to a heap buffer that was freed.
crt block at 0x%p, subtype %x, %Iu bytes long.
client block at 0x%p, subtype %x, %Iu bytes long.
%hs(%d) :
#File Error#(%d) :
Data: <%s> %s
f:\dd\vctools\crt_bld\self_x86\crt\src\onexit.c
f:\dd\vctools\crt_bld\self_x86\crt\src\setvbuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c
_CrtDbgReport: String too long or IO Error
Debug %s!
Program: %s%s%s%s%s%s%s%s%s%s%s%s
f:\dd\vctools\crt_bld\self_x86\crt\src\osfinfo.c
%s(%d) : %s
_CrtDbgReport: String too long or Invalid characters in String
f:\dd\vctools\crt_bld\self_x86\crt\src\_file.c
f:\dd\vctools\crt_bld\self_x86\crt\src\initctyp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\setlocal.c
f:\dd\vctools\crt_bld\self_x86\crt\src\stdenvp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\stdargv.c
f:\dd\vctools\crt_bld\self_x86\crt\src\w_env.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ioinit.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tidtable.c
This is an unsupported way to load Visual C   DLLs. You need to modify your application to build with a manifest.
- Attempt to initialize the CRT more than once.
- CRT not initialized
Please contact the application's support team for more information.
- floating point support not loaded
f:\dd\vctools\crt_bld\self_x86\crt\src\mlock.c
GetProcessWindowStation
f:\dd\vctools\crt_bld\self_x86\crt\src\output.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbctype.c
f:\dd\vctools\crt_bld\self_x86\crt\src\read.c
f:\dd\vctools\crt_bld\self_x86\crt\src\stream.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_sftbuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\drive.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_getbuf.c
ADVAPI32.DLL
f:\dd\vctools\crt_bld\self_x86\crt\src\inithelp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tzset.c
f:\dd\vctools\crt_bld\self_x86\crt\src\gmtime.c
USER32.DLL
f:\dd\vctools\crt_bld\self_x86\crt\src\convrtcp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\inittime.c
f:\dd\vctools\crt_bld\self_x86\crt\src\initnum.c
f:\dd\vctools\crt_bld\self_x86\crt\src\initmon.c
portuguese-brazilian
operator
Run-Time Check Failure #%d - %s
f:\dd\vctools\crt_bld\self_x86\crt\src\wtombenv.c
MSPDB80.DLL
RegCloseKey
RegOpenKeyExA
f:\dd\vctools\crt_bld\self_x86\crt\src\setenv.c
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appmodul.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winmain.cpp
GetProcessHeap
KERNEL32.dll
SetWindowsHookExW
GetKeyState
UnhookWindowsHookEx
CreateDialogIndirectParamW
USER32.dll
RegOpenKeyExW
RegEnumKeyExW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyW
RegEnumKeyW
RegOpenKeyW
RegCreateKeyExW
ADVAPI32.dll
ole32.dll
ShellExecuteExW
ShellExecuteW
SHELL32.dll
OLEAUT32.dll
UrlUnescapeW
SHLWAPI.dll
GetViewportExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GDI32.dll
COMDLG32.dll
WINSPOOL.DRV
COMCTL32.dll
oledlg.dll
URLDownloadToFileW
urlmon.dll
IPHLPAPI.DLL
RPCRT4.dll
OLEACC.dll
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenUrlW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
WININET.dll
GetCPInfo
GetConsoleOutputCP
.?AVCCmdTarget@@
.?AVCWebBrowser2@@
.?AVExecuteBase@@
.?AVExecuteFacade@@
.PAVCFileException@@
.PAVCInternetException@@
.PAVexception@std@@
.PAVCMemoryException@@
.PAVCSimpleException@@
.PAVCException@@
.PAVCObject@@
.PAVCNotSupportedException@@
.PAVCInvalidArgException@@
.PAVCOleException@@
.?AVCNotSupportedException@@
.?AVCTestCmdUI@@
.?AVCCmdUI@@
.PAVCUserException@@
.PAVCResourceException@@
.PAVCArchiveException@@
.?AVCHttpConnection@@
.?AVCHttpFile@@
.?AV?$CFixedStringT@V?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@$0BAA@@ATL@@
.?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@
.PAVCOleDispatchException@@
zcÁ
"""2#"#"
##:;;>>1
jjk%xxy
jjk`jjk%xxy
(. .dD=A
J.eOH
.Pmli
.qO.>g]
%U~J,
vY%UCKG
o.my\
,9%C[
h.NLg
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"></supportedOS>
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></supportedOS>
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS>
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS>
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></supportedOS>
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xutility
AtlThrow: hr = 0x%x
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\atlmfc\include\atlsimpstr.h
std::_Vector_const_iterator<unsigned int,class std::allocator<unsigned int> >::operator *
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\vector
std::_Vector_const_iterator<unsigned int,class std::allocator<unsigned int> >::operator  =
std::_Vector_const_iterator<struct offerStruct *,class std::allocator<struct offerStruct *> >::operator *
std::_Vector_const_iterator<class std::vector<unsigned int,class std::allocator<unsigned int> > *,class std::allocator<class std::vector<unsigned int,class std::allocator<unsigned int> > *> >::operator *
std::_Vector_const_iterator<struct offerStruct *,class std::allocator<struct offerStruct *> >::operator  =
std::_Vector_const_iterator<class std::vector<unsigned int,class std::allocator<unsigned int> > *,class std::allocator<class std::vector<unsigned int,class std::allocator<unsigned int> > *> >::operator  =
std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >::operator []
hWarning: implicit LoadString(%u) failed
HKEY_USERS
HKEY_LOCAL_MACHINE
HKEY_CURRENT_USER
HKEY_CLASSES_ROOT
Windows
IsWindowsServer,
std::vector<unsigned char,class std::allocator<unsigned char> >::operator []
std::_Vector_const_iterator<unsigned char,class std::allocator<unsigned char> >::operator *
std::_Vector_const_iterator<unsigned char,class std::allocator<unsigned char> >::operator  =
std::vector<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::operator []
std::_String_const_iterator<char,struct std::char_traits<char>,class std::allocator<char> >::operator *
std::_String_const_iterator<char,struct std::char_traits<char>,class std::allocator<char> >::operator   
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\algorithm
std::_Vector_const_iterator<unsigned char,class std::allocator<unsigned char> >::operator   
std::_String_const_iterator<char,struct std::char_traits<char>,class std::allocator<char> >::operator  =
std::_Vector_const_iterator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::operator  =
std::_Vector_const_iterator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::operator *
std::_Vector_const_iterator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::operator   
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\ostream
std::_Tree<class std::_Tmap_traits<int,wchar_t const *,struct std::less<int>,class std::allocator<struct std::pair<int const ,wchar_t const *> >,0> >::const_iterator::operator ==
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xtree
std::_Tree<class std::_Tmap_traits<int,wchar_t const *,struct std::less<int>,class std::allocator<struct std::pair<int const ,wchar_t const *> >,0> >::const_iterator::operator *
Ainvalid operator<
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,unsigned long,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,unsigned long> >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > > >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,__int64,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,__int64> >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,unsigned long,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,unsigned long> >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > > >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,__int64,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,__int64> >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > > >,0> >::const_iterator::_Inc
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,unsigned long,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,unsigned long> >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,unsigned long,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,unsigned long> >,0> >::const_iterator::_Inc
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > > >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,__int64,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,__int64> >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,__int64,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,__int64> >,0> >::const_iterator::_Inc
ExtractIcon.cpp
std::list<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::_Const_iterator<1>::operator   
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\list
std::list<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::_Const_iterator<1>::operator --
std::_String_const_iterator<char,struct std::char_traits<char>,class std::allocator<char> >::operator --
std::_String_const_iterator<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> >::operator *
std::_String_const_iterator<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> >::operator   
std::_Vector_const_iterator<class std::tr1::sub_match<char const *>,class std::allocator<class std::tr1::sub_match<char const *> > >::operator  =
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\regex
_std::_Vector_const_iterator<char,class std::allocator<char> >::operator *
std::list<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::_Const_iterator<1>::operator *
std::vector<class std::tr1::sub_match<char const *>,class std::allocator<class std::tr1::sub_match<char const *> > >::operator []
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class CWinThread *,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class CWinThread *> >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class CWinThread *,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class CWinThread *> >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class CWinThread *,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class CWinThread *> >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class CWinThread *,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class CWinThread *> >,0> >::const_iterator::_Inc
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\atlmfc\include\atlcomcli.h
helpJavaScript.cpp
std::_Vector_const_iterator<wchar_t,class std::allocator<wchar_t> >::operator  =
std::_Vector_const_iterator<wchar_t,class std::allocator<wchar_t> >::operator *
std::_Vector_const_iterator<wchar_t,class std::allocator<wchar_t> >::operator   
std::vector<wchar_t,class std::allocator<wchar_t> >::operator []
E_OUTOFMEMORY FAIL URLDownloadToFile
INET_E_DOWNLOAD_FAILURE FAIL URLDownloadToFile
SUCCEEDED URLDownloadToFile
SUCCEEDED default URLDownloadToFile
default URLDownloadToFile
hXXps://
std::vector<struct PayloadParser::argument,class std::allocator<struct PayloadParser::argument> >::operator []
std::_Vector_const_iterator<struct PayloadParser::argument,class std::allocator<struct PayloadParser::argument> >::operator  =
std::_Vector_const_iterator<struct PayloadParser::argument,class std::allocator<struct PayloadParser::argument> >::operator *
std::_Vector_const_iterator<struct PayloadParser::argument,class std::allocator<struct PayloadParser::argument> >::operator   
data.exe
start.gif
std::vector<struct CPictureEx::TFrame,class std::allocator<struct CPictureEx::TFrame> >::operator []
std::_Vector_const_iterator<struct CPictureEx::TFrame,class std::allocator<struct CPictureEx::TFrame> >::operator *
std::_Vector_const_iterator<struct CPictureEx::TFrame,class std::allocator<struct CPictureEx::TFrame> >::operator   
std::_Vector_const_iterator<struct CPictureEx::TFrame,class std::allocator<struct CPictureEx::TFrame> >::operator  =
5.2.365
"sentry.interfaces.Message": {
EHKEY_CURRENT_CONFIG\
HKEY_CURRENT_CONFIG
HKEY_USERS\
HKEY_LOCAL_MACHINE\
HKEY_CURRENT_USER\
HKEY_CLASSES_ROOT\
std::_Tree<class std::_Tmap_traits<unsigned int,class CTrayIcon *,struct std::less<unsigned int>,class std::allocator<struct std::pair<unsigned int const ,class CTrayIcon *> >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<unsigned int,class CTrayIcon *,struct std::less<unsigned int>,class std::allocator<struct std::pair<unsigned int const ,class CTrayIcon *> >,0> >::const_iterator::operator *
%s%s%s
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >,0> >::const_iterator::_Inc
SELECT * FROM Win32_OperatingSystem
_hd_%S
0mb_%S
Windows
CACHE_S_FORMATETC_NOTSUPPORTED
CO_E_SERVER_EXEC_FAILURE
MK_E_INTERMEDIATEINTERFACENOTSUPPORTED
OLE_E_ADVISENOTSUPPORTED
REGDB_E_KEYMISSING
TCACHE_E_FIRST...CACHE_E_LAST
CACHE_S_FIRST...CACHE_S_LAST
CLASSFACTORY_E_FIRST...CLASSFACTORY_E_LAST
CLASSFACTORY_S_FIRST...CLASSFACTORY_S_LAST
CLIENTSITE_E_FIRST...CLIENTSITE_E_LAST
CLIENTSITE_S_FIRST...CLIENTSITE_S_LAST
CLIPBRD_E_FIRST...CLIPBRD_E_LAST
CLIPBRD_S_FIRST...CLIPBRD_S_LAST
CONVERT10_E_FIRST...CONVERT10_E_LAST
CONVERT10_S_FIRST...CONVERT10_S_LAST
CO_E_FIRST...CO_E_LAST
CO_S_FIRST...CO_S_LAST
DATA_E_FIRST...DATA_E_LAST
DATA_S_FIRST...DATA_S_LAST
DRAGDROP_E_FIRST...DRAGDROP_E_LAST
DRAGDROP_S_FIRST...DRAGDROP_S_LAST
ENUM_E_FIRST...ENUM_E_LAST
ENUM_S_FIRST...ENUM_S_LAST
INPLACE_E_FIRST...INPLACE_E_LAST
INPLACE_S_FIRST...INPLACE_S_LAST
MARSHAL_E_FIRST...MARSHAL_E_LAST
MARSHAL_S_FIRST...MARSHAL_S_LAST
MK_E_FIRST...MK_E_LAST
MK_S_FIRST...MK_S_LAST
OLEOBJ_E_FIRST...OLEOBJ_E_LAST
OLEOBJ_S_FIRST...OLEOBJ_S_LAST
OLE_E_FIRST...OLE_E_LAST
OLE_S_FIRST...OLE_S_LAST
REGDB_E_FIRST...REGDB_E_LAST
REGDB_S_FIRST...REGDB_S_LAST
VIEW_E_FIRST...VIEW_E_LAST
VIEW_S_FIRST...VIEW_S_LAST
FACILITY_WINDOWS
severity: %s, facility: %s ($lX)
range: %s ($lX)
%s ($lX)
Warning: constructing COleException, scode = %s.
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlalloc.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlcomcli.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlsimpstr.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\cstringt.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlconv.h
F%s (%s:%d)
%s (%s:%d)
ntdll.dll
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Software\Microsoft\Windows\CurrentVersion\Policies\Network
Software\Microsoft\Windows\CurrentVersion\Policies\Comdlg32
%s%s.dll
If:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winfrm.cpp
Error: failed to execute DDE command '%s'.
Warning: DDE command '%s' ignored because window is disabled.
Can't register window class named %s
Afx:%p:%x:%p:%p:%p
Afx:%p:%x
WinHelp: pszHelpFile = '%s', dwData: $%lx, fuCommand: %d.
HtmlHelp: pszHelpFile = '%s', dwData: $%lx, fuCommand: %d.
accKeyboardShortcut
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlcom.h
commctrl_DragListMsg
pMRU: open file (%d) '%s'.
If:\dd\vctools\vc7libs\ship\atlmfc\include\afxwin2.inl
Binding entry %d failed. Status: %d
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlbase.h
GetData failed - HRESULT = 0x%X
m_pColumnInfo[nColumn].ulColumnSize == sizeof(ctype)
ERROR: Dialog named '%s' must have the child style.
ERROR: Dialog named '%s' must be invisible.
ERROR: Cannot find dialog template named '%s'.
CLSID\%s
Interface\%s
mfcm90ud.dll
QueryInterface(%s) failed
QueryInterface(%s) succeeded
Icomctl32.dll
Icomdlg32.dll
Ishell32.dll
connecting to socket address '%s'
resolved name for %s!
resolving name for %s
Warning: destroying an open %s with handle %8.8X
Warning: Disconnecting %s handle %8.8X in context %8.8X at destruction.
JHTTP/1.0
WININET.DLL
Warning: could not get volume information '%s'.
Warning: could not parse the path '%s'. Path is too long.
Warning: could not parse the path '%s'.
CFile exception: %hs, File %s, OS error information = %ld.
user32.dll
AppMsg
WinMsg
CmdRouting
%s: hwnd=0xX, msg = 0xX (0xX, 0xX)
%s: hwnd=0xX, msg = %hs (0xX, 0xX)
%s: Advise item='%s', Format='%s', Ack=%d, Defer Update= %d
%s: Execute '%s'.
0xx
Jf:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winctrl2.cpp
Warning: OleInitialize returned scode = %s.
mscoree.dll
nf:\dd\vctools\crt_bld\self_x86\crt\src\xstring
f:\dd\vctools\vc7libs\ship\atlmfc\src\atl\atls\atldebugapi.cpp
%S(%d) :
ppCategory && pfnCrtDbgReport
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlmem.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\atltime.inl
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlbase.inl
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlcomtime.inl
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlcore.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\atl\atls\allocate.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\atl\atls\atltracemodulemanager.h
f:\dd\vctools\crt_bld\self_x86\crt\src\memcpy_s.c
f:\dd\vctools\crt_bld\self_x86\crt\src\memmove_s.c
mode == _CRT_RPTHOOK_INSTALL || mode == _CRT_RPTHOOK_REMOVE
wcscpy_s(szOutMessage, 4096, L"_CrtDbgReport: String too long or IO Error")
memcpy_s(szShortProgName, sizeof(TCHAR) * (260 - (szShortProgName - szExeName)), dotdotdot, sizeof(TCHAR) * 3)
wcscpy_s(szExeName, 260, L"<program name unknown>")
__crtMessageWindowW
f:\dd\vctools\crt_bld\self_x86\crt\src\vswprint.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tcscat_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\dbgheap.c
_CrtCheckMemory()
_CrtIsValidHeapPointer(pUserData)
_CrtSetDbgFlag
(fNewBits==_CRTDBG_REPORT_FLAG) || ((fNewBits & 0x0ffff & ~(_CRTDBG_ALLOC_MEM_DF | _CRTDBG_DELAY_FREE_MEM_DF | _CRTDBG_CHECK_ALWAYS_DF | _CRTDBG_CHECK_CRT_DF | _CRTDBG_LEAK_CHECK_DF) ) == 0)
_CrtMemCheckpoint
f:\dd\vctools\crt_bld\self_x86\crt\src\vsprintf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fclose.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fread.c
f:\dd\vctools\crt_bld\self_x86\crt\src\rewind.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ftell.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fseek.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fopen.c
f:\dd\vctools\crt_bld\self_x86\crt\src\printf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\strtol.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tcscpy_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\stat64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcsicmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tmakepath_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\wcstombs.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tsplitpath_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\fgetc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fputc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ungetc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ungetc_nolock.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\fwrite.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fgetpos.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fsetpos.c
f:\dd\vctools\crt_bld\self_x86\crt\src\loctim64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wprintf.c
nf:\dd\vctools\crt_bld\self_x86\crt\src\strftime.c
("Invalid MBCS character sequence passed to strftime",0)
("Invalid MBCS character sequence passed into strftime",0)
f:\dd\vctools\crt_bld\self_x86\crt\src\malloc.h
("Corrupted pointer passed to _freea", 0)
f:\dd\vctools\crt_bld\self_x86\crt\src\fprintf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mktime64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcslwr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\atof.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wtof.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcstol.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcsupr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbstowcs.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsinc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsstr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbschr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tcsncpy_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\wcsdup.c
f:\dd\vctools\crt_bld\self_x86\crt\src\xtoa.c
U_CrtSetReportHook2
strcpy_s(szOutMessage, 4096, "_CrtDbgReport: String too long or IO Error")
strcpy_s(szExeName, 260, "<program name unknown>")
__crtMessageWindowA
f:\dd\vctools\crt_bld\self_x86\crt\src\fullpath.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fileno.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fdopen.c
f:\dd\vctools\crt_bld\self_x86\crt\src\feoferr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fputws.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fgets.c
f:\dd\vctools\crt_bld\self_x86\crt\src\clearerr.c
fMode == _CRTDBG_REPORT_MODE || (fMode & ~(_CRTDBG_MODE_FILE | _CRTDBG_MODE_DEBUG | _CRTDBG_MODE_WNDW)) == 0
_CrtSetReportMode
f:\dd\vctools\crt_bld\self_x86\crt\src\dbgrptt.c
nRptType >= 0 && nRptType < _CRT_ERRCNT
wcscpy_s(szOutMessage2, 4096, L"_CrtDbgReport: String too long or Invalid characters in String")
strcpy_s(szUserMessage, 4096, "_CrtDbgReport: String too long or IO Error")
_VCrtDbgReportA
strcpy_s(szOutMessage2, 4096, "_CrtDbgReport: String too long or Invalid characters in String")
wcscpy_s(szUserMessage, 4096, L"_CrtDbgReport: String too long or IO Error")
_VCrtDbgReportW
((ptloci->lc_category[category].wlocale != NULL) && (ptloci->lc_category[category].wrefcount != NULL)) || ((ptloci->lc_category[category].wlocale == NULL) && (ptloci->lc_category[category].wrefcount == NULL))
f:\dd\vctools\crt_bld\self_x86\crt\src\a_cmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\strtod.c
f:\dd\vctools\crt_bld\self_x86\crt\src\gmtime64.c
KERNEL32.DLL
strcat_s(outmsg, (sizeof(outmsg) / sizeof(outmsg[0])), rterrs[tblindx].rterrtxt)
strcat_s(outmsg, (sizeof(outmsg) / sizeof(outmsg[0])), "\n\n")
strcpy_s(outmsg, (sizeof(outmsg) / sizeof(outmsg[0])), "Runtime Error!\n\nProgram: ")
_NMSG_WRITE
f:\dd\vctools\crt_bld\self_x86\crt\src\crt0msg.c
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\eh\typname.cpp
f:\dd\vctools\crt_bld\self_x86\crt\src\winsig.c
WUSER32.DLL
f:\dd\vctools\crt_bld\self_x86\crt\src\_flsbuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\intel\fp8.c
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\conv\cvt.c
f:\dd\vctools\crt_bld\self_x86\crt\src\isctype.c
f:\dd\vctools\crt_bld\self_x86\crt\src\expand.c
f:\dd\vctools\crt_bld\self_x86\crt\src\close.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_freebuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_filbuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\lseek.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_open.c
f:\dd\vctools\crt_bld\self_x86\crt\src\dtoxtm64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\commit.c
f:\dd\vctools\crt_bld\self_x86\crt\src\write.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ftelli64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fseeki64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\timeset.c
f:\dd\vctools\crt_bld\self_x86\crt\src\stricmp.c
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\include\strgtold12.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\getcwd.c
strcpy_s(resultstr, resultsize, autofos.man)
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\conv\cfout.c
f:\dd\vctools\crt_bld\self_x86\crt\src\getqloc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\errmode.c
f:\dd\vctools\crt_bld\self_x86\crt\src\lseeki64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\isatty.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbtowc.c
_loc_update.GetLocaleT()->locinfo->mb_cur_max == 1 || _loc_update.GetLocaleT()->locinfo->mb_cur_max == 2
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\tran\contrlfp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_fptostr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wctomb.c
f:\dd\vctools\crt_bld\self_x86\crt\src\open.c
0 && "Only UTF-16 little endian & UTF-8 is supported for reads"
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsnbicm.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsnbcmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\getenv.c
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\conv\x10fout.c
f:\dd\vctools\crt_bld\self_x86\crt\src\strnicmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcsnicmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\setmode.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsnbico.c
f:\dd\vctools\crt_bld\self_x86\crt\src\strnicol.c
("CRT Logic error during setenv",0)
__crtsetenv
c:\%original file name%.exe
{8856F961-340A-11D0-A96B-00C04FD705A2}
All Files (*.*)
No error message is available.#Attempted an unsupported operation.$A required resource was unavailable.
Command failed.)Insufficient memory to perform operation.PSystem registry entries have been removed and the INI file (if any) was deleted.BNot all of the system registry entries (or INI file) were removed.FThis program requires the file %s, which was not found on this system.tThis program is linked to the missing export %s in the file %s. This machine may have an incompatible version of %s.
Destination disk drive is full.5Unable to read from %1, it is opened by someone else.AUnable to write to %1, it is read-only or opened by someone else.1Encountered an unexpected error while reading %1.1Encountered an unexpected error while writing %1.
#Unable to load mail system support.

%original file name%.exe_944_rwx_00401000_001A2000:




u%Shh#Q
@t-9}
NSSh:
FV<.tN<[tJ<\tF<*tB<|t><^t:<$t6
J!"#$J%J&'()*J ,JJJJJJJJ-J.JJ/0J1JJJJJJJJJJJJJJJJJJ23JJ4567JJ8JJJJJ9:;JJJJJ<=JJJJJJJJJJJ>?JJJJJJJJ@JJJJJJAJJJJJBJJCJJJJJJJJJJJDEJJJJJJJFJGJJJJJJJJJJJJHJI
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\atlmfc\include\atlexcept.h
HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0
kernel32.dll
%System%\drivers\vmmouse.sys
%System%\drivers\vmhgfs.sys
%System%\drivers\VBoxMouse.sys
sbiedll.dll
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xdebug
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\streambuf
SELECT * FROM Win32_BIOS WHERE Manufacturer LIKE '%XEN%')
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\atlmfc\include\cstringt.h
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xlocale
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xiosbase
Software\Microsoft\Windows\CurrentVersion\Uninstall
Software\Classes\ProcMon.Logfile.1\shell\open\command
IsWindowsServer
hXXps://ssl.google-analytics.com/collect?
PPUXXXXXeow}9FR]^hv%(49FTXcoss}",06=D
KX______mqq} 7@HW`mmuw(3ADKWX\_hiu)FQ^
OZammmmmr!'6DKOUdpx{*9@LUaov{#%* -/4CMMX
N[^aaaaalq" 6=BLSWWetz'FLW^aoorrz#).12
IVV^^^^^^ahmu"#.2<IOOTcpy **9<KSUU\ffu! 
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xlocnum
LZ]`````gq"'07;BETbmr{}(489=IX]hkkv #*7;IOS`cqw} :IJYccqy*8GN\gnx&448EPYfly))8ESbiqq|#',04ANPWer}(DOYagn|*1<<EOOVbcgptz{#)8BKOOPS\er{#
DMMZZZZZ\acpz)-:;ABBQYbiuuu *02@@NZZds $ICKZZ[\goov{(7CLV[_dpw(135<EPX
EHKPPPPPXcrttu!..26@LN]fs$%(4;CN\imx!((1:EJP\adp| "(333>GR_co}&(.7EGLS[e
KY[dddddgty"'--<IKWWaghllt|}$08<DKPR\kwFRZ^aopvvw},;>AIR^js#%.<EPQ\hs
FGGLLLLLS\_fpw&)7=KPY[elx} LRW_jjmmy&*34568EQ_io|!.=@ITZfl{}}%$9:==ELOV]dopru}#2?KSWYbgjlvy{#-/=>DJT[ixz|}!%) 8=EPX_clu{|-9<IPQ_eers
CLP^^^^^ggs|(-09AENWerw} /2=AP[`l{}##*7ESUW`my))3>?GLX[jlu{*8AGHWdqw|}),
ACESSSSSYcr!)4:GV`nttxy}}%*-57CRTXfoquv!'1@NNW[[ft%,-4=BMQ]fgp (.=BBJQTZ\ijsu //;>AJYefikr",356DFFSbiinyy%'4@NUWailtuw#00?MZ`jsvwy'*-03>IMMY\gghjox{)./4>JKR]`fq|*,0>LPP
EHKPPPPPWZdjnosw%''*6?ITY_nzz)FU\]llz(13AO[_lwx{(*2<IXfjjor|'  -11>CHJ
BJPPPPPPPVdeir"19;@FKQTcpw}$( 3BBEGKNR_mvyz!$,-1>CCPWfpuv}-8:@ALMMTbnw&*5?GRS^bfu%% :IKV[eo{)2AHV[`mx %)
BQS_____lmrsuy},9GRaprz$-:>>BNOZddintz$5DOW_m{} !"%%)0<>MP_ehw&02>>JJO
LTZ`````agkw!00:ETWYeqy$.09DQYhpuw%.1<EITX``hppu#( 5CFLQR`ky'6@KRTUdp{",
DEHIIIIIJM[bovv%* -:GJPY_nss!.8EIPY^gq"(44:;>KUZ]jt{ 19GKTcpv$,,6:@FP^_e
JUUXXXXXZdqss},0<DIM\cmn|'0;EKZ_gu9DP
()$^.* ?[]|\-{},:=!
DMMZZZZZ\gjoz&1<JWYep!LCLOQ`lxy{"0?AFTVelttxy"19?JNQZ\bp %&&46<KZ]lpv!
KNQSSSSS`kv"#,1:GKW]bqt}%/6<JLZ]aijjjx$29BNV]_gv#-5ALUbfopr}!,;IXdhw%%-3
NOSXXXXXesy(4CKOPP_ehllx".<@NXbhnwy{( -9HTUWao} -<IIP_jnu}}%)/8?NV^fn}(6
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\locale
invalid _N_type: %d
L[\kkkkkmv&DOS\gt $-156AHHV\ftww %).58
GOORRRRR\iqy|	DP\`nw(11<JU[dgjlmz%*/15
O]`iiiiis$-8>LUamny}-6CHLT\fjqz!!"$-8GMWYZbio}'4<FO\_cn|#/14@DMS_jw} *2:
JPR^^^^^go{*9BNSTU_nsx#-1@BOS`dpx',/9DFTanquy!!#/=@DEETcegvLRaddmo}(69
AADDDDDDPQXZiv%2@O^jw')/7@N[ahp{(/9AOO[ikw|!!*7?MNTadrz(7BPUZabnz&0?CRTU
DRSYYYYYbm|#%,/;GMW^cknrs!%,;HOTbgt|*.1?DLNQX^^lrw7FHO^hmv )3=DKPTV]bg
LSYeeeeeikoy{$8DPUVZ\cgsw|"%)6:HUbovw{
OQQ]]]]]aghkmqz'*-278<HV^_glp{{LIM[ht$
BEKWWWWW[[fmuz!,,.1=INRXbbkry (-7FFTV^mw'2?AIUdfu{}}-;CLSY^`fhw(  6?@DDHKSaeemw %%) .;BO\ablszz},2?EEIValp!/:?KOTYafu{&15:FQZfkox *-2>LRUcpx"/4==GLPXfq}"(8FRSXdiqs{&3
PYZ]]]]]^__ghkmz")345CCRTVbgr $..45>GRSXcksv}$(7>M[anp}#,/<JYahkoqq| 6EK
HRTWWWWWagn{$ ,.0<CHP[fkpw6DITYbovv%'))3BBMST`jw "0=>?BORR[^lry!'6;=KNRX_nw}%)22?IORSbfgjqr",55=INNW^alz",::GQS^ejtw}&/3AOQUXeky)3;CCMZbiipxx)7CIIWcpy((2>DGKLOQVWcpv{
AFFSSSSS`cmy)0<?JLRYddmrw(/6CJYajuy&5??AABKPUalp!$/>@AITWaao ,29DR]ceqvz&*6EQ\ddfiqw!-./>DIXfhuu99=HLPYagpw&57<CLY^ixz%(/68<@GLZccpru!.6=FR]^bisxx$$*78:=>KU_acdmsw}-9:AGQ[aot|-;?FU]^lv$&02:BJRSbks$$.9ALQR]emz{,0;AEFJWeeegkqy&5<AGJP_drx{,24@LXahirr#$''-::DGQT`loor!&2?MMMY[dest$07FMRafr"'( 8:<BCKT\``ls$(5=CQ[iry',/6DEKLX[ccrtt
GOSWWWWWeijy*24==GT`elyz|*-:HMV`bnv"'(33>CCQ_ku&-37FKP^grz&*6>LSZbio{(4>ADEMW^hit}.44BO]ghlw$19EGLSXcmvz(-/:HN\isvy'1;@HVekz#1@JJR\_hqz*8=ABHUdnu$,,1=DNZ\afkpw&(* 16<ALOP__nx{!% ,9CRTUcquw{{(.9AMZgkyz#)38GU`ny&35;GV_depy|#/;GR^hv!&/4CEQZ^jrx|&'0;@BDNU`jo}$124557EEFITWY[[\`dhks! 7@KRWYes{)4@BFMX`gkwz&29?HWX\^itx"06<?ACHHMPRUW`lrz}$1179=CCN\ks| :DJKNUdssw%&/=HS\ckkr %  9@NTXfhsw!-5?BPT]hv"# 88<<=IVXZZ`grz 228FGINT\bdn})-<HLPXfgjpz ',;?MWbpsw#)-66CERSS]cjssz"' .039<=IPU^llov$1233>LOX\fou|)**/8COSTbkvv&0:>MSWX[_`kqv}#$-36DQQQV`n|&4BMY`n{#(7?BHPXgu$/9HN[^`ftyz}})0;<@CDHT[fmn|!08?ET[^lw}.:=@OXbdgru| 3BKVV_cpxz 348FRVWeels!!*67<AJT^cft%))35:@EHUX\bgv$114=JYZillx(1=EP_iiw&18DGUVVbfguu|:FGLQZdnsv&599CEJPUXehllmmmxy*7AP\eovz 57:@KOOPXdlx&,334>EFM\jy| # :IXekm|'*7<AANSVW]ly)01=>>BOQ_do|!#19:=GGJJW[_cemwx)6AMNRVcfgnx$,;EEO]`o ,:CQT^gqryz
KW[bbbbblo{*-9;;CHLVcrt$$16BHIIKUZ_dehq!
KUZbbbbbqqx8FMMV]hjt")34ABKU_hijrx|(23AJKLXclv&1@CGQ\cdqyy$356?FOWZfu
HNNPPPPP\acpw!*69<>KV`er}'/07DIWap|,,4@LSbir}LJPRYft#&*18?GP\boqt!-1;=GRXgiv!#/367ER``jms#1:INYfiopy .
NetBase.cpp
BMRVVVVVdsv#$/>LUddego  /16;=DN]flq|,:IP^clox#,.:=HSXcefft|),7=BCRTZhp{ -4CFOXY`frx(((0>CRYckz#%%,2<JR^g
URL EMPTY
HQXXXXXXZefpw#-3BQW_iw{%&3?MW]ampy:GMR`lrv||#'-.;FKZ_gmv""##%%7CQUbekqs#%),5<BQT`dhls|-99=EPR`fnyyz 48@LLT]]gs|#)67CGHPRVVZ\eq -022:GPP^jt}"-;AKNOSVcoou ** .2=JWbkq} &*,/79FS`fhqq".8CHV]kz$&3BCLL
"url":"
ParseUrl
/Setup.application
hXXp://
urlc=
PictureEx.cpp
c:\logFile.txt
SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
hXXp://42e546f0ea2d40afa114ea020951ec9d:9538ea5acbbe4fc6b42811c415685653@
.cpp" ,
errormsg
Error opening key.
Key not found.
_virtualGetStringKey
_virtualcheckRegkKey
_virtualSetStringKey
_virtualSetDwordKey
SetStringKey
inflate 1.1.3 Copyright 1995-1998 Mark Adler
CWebBrowser2
0.0.0.0
mb_00000000-0000-0000-0807-060504030201
mb_09F005AE-AC9D-4FC1-AB7A-24004F6C043A
mb_01010101-0101-0101-0101-010101010101
mb_58585858-5858-5858-5858-585858585858
mb_4c4c4544-0000-2010-8020-80c04f202020
mb_11111111-2222-3333-4444-555555555555
mb_11111111-1111-1111-1111-111111111111
mb_00020003-0004-0005-0006-000700080009
mb_890E2D14-CACD-45D1-AE66-BC80E8BFEB0F
mb_8E275844-178F-44A8-ACEB-A7D7E5178C63
mb_52309712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_DC698397-FA54-4CF2-82C8-B1B5307A6A7F
mb_61F39712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_50FB9712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_93309712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_56F49712-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_07090201-0103-0301-0807-060504030201
mb_03000200-0400-0500-0006-000700080009
mb_FEFEFEFE-FEFE-FEFE-FEFE-FEFEFEFEFEFE
mb_FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF
mb_00000000-0000-0000-0000-000000000000
CNotSupportedException
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\except.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxtls_.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olemisc.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winstr.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\strcore.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxtempl.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\afx.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\thrdcore.cpp
m_nMsgLast =
m_msgCur = {
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxcoll.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_s.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\elements.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afxtls.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occmgr.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occdlg.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appcore.cpp
m_pszExeName =
m_nCmdShow =
m_lpCmdLine =
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxadv.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winfrm.cpp
Warning: no message line prompt for ID 0xX.
Warning: OnUpdateKeyIndicator - unknown indicator 0xX.
Warning: scroll bars in frame windows may cause unusual behaviour.
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxpriv.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxwin1.inl
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxcomctl32.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wincore.cpp
Warning: unknown WM_MEASUREITEM for menu item 0xX.
hhctrl.ocx
Implementation Warning: control notification = $%X.
Warning: not executing disabled command %d
hWnd = $X (nIDC=$X) is not a %hs.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afximpl.h
CCmdTarget
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\cmdtarg.cpp
SENDING control notification %d from control id 0xX to %hs window.
SENDING command id 0xX to %hs target.
No handler for command ID 0xX, disabling it.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appui2.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appui.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appui1.cpp
Error: failed to load message box prompt string 0xx.
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxwin2.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winocc.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occsite.cpp
IOleInPlaceObject not supported on OLE control (dialog ID %d).
Persistence not supported on OLE control %ls.
%d. Column ordinal %d: Binding as native data type
%d. Column ordinal %d: Binding a COM object
%d. Column ordinal %d: Binding as an IStream object
%d. Column ordinal %d: Binding as an ISequentialStream object
neither ISequentialStream nor IStream are supported!
IStream is supported
ISequentialStream is supported
Testing streams support...
%d. Column ordinal %d: Binding by reference in provider allocated, consumer owned memory
%d. Column ordinal %d: Binding length and status ONLY
Number of columns: %d
f:\dd\vctools\vc7libs\ship\atlmfc\include\atldbcli.h
Unsupported DBTYPE (%d) in column %d
$@Column %d not bound
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occcont.cpp
Error: no data exchange control with ID 0xX.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dlgdata.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wingdi.cpp
m_ps.rcPaint =
m_ps.fErase =
m_ps.hdc =
lgpn.lopnColor =
lgpn.lopnWidth.x (width) =
lgpn.lopnStyle =
lb.lbColor =
lb.lbHatch =
lb.lbStyle =
lf.lfFaceName =
lf.lfPitchAndFamily =
lf.lfQuality =
lf.lfClipPrecision =
lf.lfOutPrecision =
lf.lfCharSet =
lf.lfStrikeOut =
lf.lfUnderline =
lf.lfItalic =
lf.lfWeight =
lf.lfOrientation =
lf.lfEscapement =
lf.lfWidth =
lf.lfHeight =
bm.bmBitsPixel =
bm.bmPlanes =
bm.bmWidthBytes =
bm.bmWidth =
bm.bmHeight =
bm.bmType =
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\wingdix.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dlgcore.cpp
IGNORING command id 0xX sent to %hs dialog.
Routing command id 0xX to app.
Routing command id 0xX to owner window.
Warning: Creating dialog from within a COleControlModule application is not a supported scenario.
Warning: ExecuteDlgInit failed during dialog init.
ERROR: Dialog with IDD 0xX must have the child style.
ERROR: Dialog with IDD 0xX must be invisible.
ERROR: Cannot find dialog template with IDD 0xX.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winctrl1.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oleunk.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxole.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afxstate.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\objcore.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\arcobj.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\arccore.cpp
CHttpConnection
CHttpFile
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\inet.cpp
Unknown status: %d
Internet ctxt=%d:
Warning: throwing CInternetException for error %d
Warning: Extended error reported with no response info
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filecore.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filex.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appinit.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\auxdata.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olevar.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\arcex.cpp
WM_HOTKEY
WM_SETHOTKEY
WM_IDLEUPDATECMDUI
WM_DDE_EXECUTE
WM_KEYLAST
WM_SYSKEYUP
WM_SYSKEYDOWN
WM_KEYUP
WM_KEYDOWN
WM_VKEYTOITEM
WM_CTLCOLORMSGBOX
WM_USER 0xX
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afxtrace.cpp
Warning: Unable to unpack WM_DDE_EXECUTE lParam lX.
Warning: failed to reclaim %d bytes for memory safety pool.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winhand.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dumpcont.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_b.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_w.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_d.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_p.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\array_o.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\map_pp.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\map_wo.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\map_so.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\map_ss.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dlgcomm.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\bartool.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\afxcrit.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occevent.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filemem.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\plex.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appui3.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olelock.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winutil.cpp
Warning: Shrinking safety pool from %d to %d to satisfy request of %d bytes.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\list_p.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winmenu.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxcmn2.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winctrl2.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxcmn.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledisp2.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oleinit.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\arcstrm.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oleenum.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\apphelp.cpp
Error: failed to load AfxFormatString string 0xx.
Error: illegal string index requested %d.
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dlgtempl.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filetxt.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\include\afxmt.inl
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\filest.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dumpout.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\fixalloc.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledisp1.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olecnvrt.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olemsgf.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\occlock.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\olefact.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledobj2.cpp
a %hs object at $%p, %u bytes long
an invalid object at $%p, %u bytes long
faulted while dumping object at $%p, %u bytes long
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\dumpinit.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledlgs2.cpp
m_bz.hTask =
m_bz.hResource =
m_bz.lpszTemplate =
m_bz.hInstance =
m_bz.lCustData =
m_bz.lpszCaption =
m_bz.hWndOwner =
m_bz.dwFlags =
m_bz.cbStruct =
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\oledoc1.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\list_o.cpp
f:\dd\vctools\crt_bld\self_x86\crt\src\_tolower.c
f:\dd\vctools\crt_bld\self_x86\crt\src\locale0.cpp
f:\dd\vctools\crt_bld\self_x86\crt\src\xmutex.cpp
%s(%d) :
%s_%0x
f:\dd\vctools\vc7libs\ship\atlmfc\src\atl\atls\atlbase.cpp
f:\dd\vctools\crt_bld\self_x86\crt\src\dbgrpt.c
Client hook allocation failure at file %hs line %d.
Memory allocated at %hs(%d).
Client hook re-allocation failure at file %hs line %d.
HEAP CORRUPTION DETECTED: after %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory after end of heap buffer.
HEAP CORRUPTION DETECTED: before %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory before start of heap buffer.
CRT detected that the application wrote to a heap buffer that was freed.
crt block at 0x%p, subtype %x, %Iu bytes long.
client block at 0x%p, subtype %x, %Iu bytes long.
%hs(%d) :
#File Error#(%d) :
Data: <%s> %s
f:\dd\vctools\crt_bld\self_x86\crt\src\onexit.c
f:\dd\vctools\crt_bld\self_x86\crt\src\setvbuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c
_CrtDbgReport: String too long or IO Error
Debug %s!
Program: %s%s%s%s%s%s%s%s%s%s%s%s
f:\dd\vctools\crt_bld\self_x86\crt\src\osfinfo.c
%s(%d) : %s
_CrtDbgReport: String too long or Invalid characters in String
f:\dd\vctools\crt_bld\self_x86\crt\src\_file.c
f:\dd\vctools\crt_bld\self_x86\crt\src\initctyp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\setlocal.c
f:\dd\vctools\crt_bld\self_x86\crt\src\stdenvp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\stdargv.c
f:\dd\vctools\crt_bld\self_x86\crt\src\w_env.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ioinit.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tidtable.c
This is an unsupported way to load Visual C   DLLs. You need to modify your application to build with a manifest.
- Attempt to initialize the CRT more than once.
- CRT not initialized
Please contact the application's support team for more information.
- floating point support not loaded
f:\dd\vctools\crt_bld\self_x86\crt\src\mlock.c
GetProcessWindowStation
f:\dd\vctools\crt_bld\self_x86\crt\src\output.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbctype.c
f:\dd\vctools\crt_bld\self_x86\crt\src\read.c
f:\dd\vctools\crt_bld\self_x86\crt\src\stream.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_sftbuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\drive.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_getbuf.c
ADVAPI32.DLL
f:\dd\vctools\crt_bld\self_x86\crt\src\inithelp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tzset.c
f:\dd\vctools\crt_bld\self_x86\crt\src\gmtime.c
USER32.DLL
f:\dd\vctools\crt_bld\self_x86\crt\src\convrtcp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\inittime.c
f:\dd\vctools\crt_bld\self_x86\crt\src\initnum.c
f:\dd\vctools\crt_bld\self_x86\crt\src\initmon.c
portuguese-brazilian
operator
Run-Time Check Failure #%d - %s
f:\dd\vctools\crt_bld\self_x86\crt\src\wtombenv.c
MSPDB80.DLL
RegCloseKey
RegOpenKeyExA
f:\dd\vctools\crt_bld\self_x86\crt\src\setenv.c
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\appmodul.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winmain.cpp
GetProcessHeap
KERNEL32.dll
SetWindowsHookExW
GetKeyState
UnhookWindowsHookEx
CreateDialogIndirectParamW
USER32.dll
RegOpenKeyExW
RegEnumKeyExW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyW
RegEnumKeyW
RegOpenKeyW
RegCreateKeyExW
ADVAPI32.dll
ole32.dll
ShellExecuteExW
ShellExecuteW
SHELL32.dll
OLEAUT32.dll
UrlUnescapeW
SHLWAPI.dll
GetViewportExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GDI32.dll
COMDLG32.dll
WINSPOOL.DRV
COMCTL32.dll
oledlg.dll
URLDownloadToFileW
urlmon.dll
IPHLPAPI.DLL
RPCRT4.dll
OLEACC.dll
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenUrlW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
WININET.dll
GetCPInfo
GetConsoleOutputCP
.?AVCCmdTarget@@
.?AVCWebBrowser2@@
.?AVExecuteBase@@
.?AVExecuteFacade@@
.PAVCFileException@@
.PAVCInternetException@@
.PAVexception@std@@
.PAVCMemoryException@@
.PAVCSimpleException@@
.PAVCException@@
.PAVCObject@@
.PAVCNotSupportedException@@
.PAVCInvalidArgException@@
.PAVCOleException@@
.?AVCNotSupportedException@@
.?AVCTestCmdUI@@
.?AVCCmdUI@@
.PAVCUserException@@
.PAVCResourceException@@
.PAVCArchiveException@@
.?AVCHttpConnection@@
.?AVCHttpFile@@
.?AV?$CFixedStringT@V?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@$0BAA@@ATL@@
.?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@
.PAVCOleDispatchException@@
zcÁ
"""2#"#"
##:;;>>1
jjk%xxy
jjk`jjk%xxy
(. .dD=A
J.eOH
.Pmli
.qO.>g]
%U~J,
vY%UCKG
o.my\
,9%C[
h.NLg
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xutility
AtlThrow: hr = 0x%x
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\atlmfc\include\atlsimpstr.h
std::_Vector_const_iterator<unsigned int,class std::allocator<unsigned int> >::operator *
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\vector
std::_Vector_const_iterator<unsigned int,class std::allocator<unsigned int> >::operator  =
std::_Vector_const_iterator<struct offerStruct *,class std::allocator<struct offerStruct *> >::operator *
std::_Vector_const_iterator<class std::vector<unsigned int,class std::allocator<unsigned int> > *,class std::allocator<class std::vector<unsigned int,class std::allocator<unsigned int> > *> >::operator *
std::_Vector_const_iterator<struct offerStruct *,class std::allocator<struct offerStruct *> >::operator  =
std::_Vector_const_iterator<class std::vector<unsigned int,class std::allocator<unsigned int> > *,class std::allocator<class std::vector<unsigned int,class std::allocator<unsigned int> > *> >::operator  =
std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >::operator []
hWarning: implicit LoadString(%u) failed
HKEY_USERS
HKEY_LOCAL_MACHINE
HKEY_CURRENT_USER
HKEY_CLASSES_ROOT
Windows
IsWindowsServer,
std::vector<unsigned char,class std::allocator<unsigned char> >::operator []
std::_Vector_const_iterator<unsigned char,class std::allocator<unsigned char> >::operator *
std::_Vector_const_iterator<unsigned char,class std::allocator<unsigned char> >::operator  =
std::vector<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::operator []
std::_String_const_iterator<char,struct std::char_traits<char>,class std::allocator<char> >::operator *
std::_String_const_iterator<char,struct std::char_traits<char>,class std::allocator<char> >::operator   
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\algorithm
std::_Vector_const_iterator<unsigned char,class std::allocator<unsigned char> >::operator   
std::_String_const_iterator<char,struct std::char_traits<char>,class std::allocator<char> >::operator  =
std::_Vector_const_iterator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::operator  =
std::_Vector_const_iterator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::operator *
std::_Vector_const_iterator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::operator   
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\ostream
std::_Tree<class std::_Tmap_traits<int,wchar_t const *,struct std::less<int>,class std::allocator<struct std::pair<int const ,wchar_t const *> >,0> >::const_iterator::operator ==
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\xtree
std::_Tree<class std::_Tmap_traits<int,wchar_t const *,struct std::less<int>,class std::allocator<struct std::pair<int const ,wchar_t const *> >,0> >::const_iterator::operator *
Ainvalid operator<
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,unsigned long,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,unsigned long> >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > > >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,__int64,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,__int64> >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,unsigned long,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,unsigned long> >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > > >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,__int64,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,__int64> >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > > >,0> >::const_iterator::_Inc
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,unsigned long,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,unsigned long> >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,unsigned long,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,unsigned long> >,0> >::const_iterator::_Inc
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > > >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,__int64,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,__int64> >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,__int64,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,__int64> >,0> >::const_iterator::_Inc
ExtractIcon.cpp
std::list<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::_Const_iterator<1>::operator   
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\list
std::list<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::_Const_iterator<1>::operator --
std::_String_const_iterator<char,struct std::char_traits<char>,class std::allocator<char> >::operator --
std::_String_const_iterator<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> >::operator *
std::_String_const_iterator<wchar_t,struct std::char_traits<wchar_t>,class std::allocator<wchar_t> >::operator   
std::_Vector_const_iterator<class std::tr1::sub_match<char const *>,class std::allocator<class std::tr1::sub_match<char const *> > >::operator  =
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\include\regex
_std::_Vector_const_iterator<char,class std::allocator<char> >::operator *
std::list<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,class std::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::_Const_iterator<1>::operator *
std::vector<class std::tr1::sub_match<char const *>,class std::allocator<class std::tr1::sub_match<char const *> > >::operator []
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class CWinThread *,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class CWinThread *> >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class CWinThread *,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class CWinThread *> >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class CWinThread *,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class CWinThread *> >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class CWinThread *,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class CWinThread *> >,0> >::const_iterator::_Inc
%Program Files% (x86)\Microsoft Visual Studio 9.0\VC\atlmfc\include\atlcomcli.h
helpJavaScript.cpp
std::_Vector_const_iterator<wchar_t,class std::allocator<wchar_t> >::operator  =
std::_Vector_const_iterator<wchar_t,class std::allocator<wchar_t> >::operator *
std::_Vector_const_iterator<wchar_t,class std::allocator<wchar_t> >::operator   
std::vector<wchar_t,class std::allocator<wchar_t> >::operator []
E_OUTOFMEMORY FAIL URLDownloadToFile
INET_E_DOWNLOAD_FAILURE FAIL URLDownloadToFile
SUCCEEDED URLDownloadToFile
SUCCEEDED default URLDownloadToFile
default URLDownloadToFile
hXXps://
std::vector<struct PayloadParser::argument,class std::allocator<struct PayloadParser::argument> >::operator []
std::_Vector_const_iterator<struct PayloadParser::argument,class std::allocator<struct PayloadParser::argument> >::operator  =
std::_Vector_const_iterator<struct PayloadParser::argument,class std::allocator<struct PayloadParser::argument> >::operator *
std::_Vector_const_iterator<struct PayloadParser::argument,class std::allocator<struct PayloadParser::argument> >::operator   
data.exe
start.gif
std::vector<struct CPictureEx::TFrame,class std::allocator<struct CPictureEx::TFrame> >::operator []
std::_Vector_const_iterator<struct CPictureEx::TFrame,class std::allocator<struct CPictureEx::TFrame> >::operator *
std::_Vector_const_iterator<struct CPictureEx::TFrame,class std::allocator<struct CPictureEx::TFrame> >::operator   
std::_Vector_const_iterator<struct CPictureEx::TFrame,class std::allocator<struct CPictureEx::TFrame> >::operator  =
5.2.365
"sentry.interfaces.Message": {
EHKEY_CURRENT_CONFIG\
HKEY_CURRENT_CONFIG
HKEY_USERS\
HKEY_LOCAL_MACHINE\
HKEY_CURRENT_USER\
HKEY_CLASSES_ROOT\
std::_Tree<class std::_Tmap_traits<unsigned int,class CTrayIcon *,struct std::less<unsigned int>,class std::allocator<struct std::pair<unsigned int const ,class CTrayIcon *> >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<unsigned int,class CTrayIcon *,struct std::less<unsigned int>,class std::allocator<struct std::pair<unsigned int const ,class CTrayIcon *> >,0> >::const_iterator::operator *
%s%s%s
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >,0> >::const_iterator::operator ==
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >,0> >::const_iterator::operator *
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >,0> >::const_iterator::_Dec
std::_Tree<class std::_Tmap_traits<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > >,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> >,struct std::less<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > >,class std::allocator<struct std::pair<class ATL::CStringT<wchar_t,class StrTraitMFC<wchar_t,class ATL::ChTraitsCRT<wchar_t> > > const ,class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >,0> >::const_iterator::_Inc
SELECT * FROM Win32_OperatingSystem
_hd_%S
0mb_%S
Windows
CACHE_S_FORMATETC_NOTSUPPORTED
CO_E_SERVER_EXEC_FAILURE
MK_E_INTERMEDIATEINTERFACENOTSUPPORTED
OLE_E_ADVISENOTSUPPORTED
REGDB_E_KEYMISSING
TCACHE_E_FIRST...CACHE_E_LAST
CACHE_S_FIRST...CACHE_S_LAST
CLASSFACTORY_E_FIRST...CLASSFACTORY_E_LAST
CLASSFACTORY_S_FIRST...CLASSFACTORY_S_LAST
CLIENTSITE_E_FIRST...CLIENTSITE_E_LAST
CLIENTSITE_S_FIRST...CLIENTSITE_S_LAST
CLIPBRD_E_FIRST...CLIPBRD_E_LAST
CLIPBRD_S_FIRST...CLIPBRD_S_LAST
CONVERT10_E_FIRST...CONVERT10_E_LAST
CONVERT10_S_FIRST...CONVERT10_S_LAST
CO_E_FIRST...CO_E_LAST
CO_S_FIRST...CO_S_LAST
DATA_E_FIRST...DATA_E_LAST
DATA_S_FIRST...DATA_S_LAST
DRAGDROP_E_FIRST...DRAGDROP_E_LAST
DRAGDROP_S_FIRST...DRAGDROP_S_LAST
ENUM_E_FIRST...ENUM_E_LAST
ENUM_S_FIRST...ENUM_S_LAST
INPLACE_E_FIRST...INPLACE_E_LAST
INPLACE_S_FIRST...INPLACE_S_LAST
MARSHAL_E_FIRST...MARSHAL_E_LAST
MARSHAL_S_FIRST...MARSHAL_S_LAST
MK_E_FIRST...MK_E_LAST
MK_S_FIRST...MK_S_LAST
OLEOBJ_E_FIRST...OLEOBJ_E_LAST
OLEOBJ_S_FIRST...OLEOBJ_S_LAST
OLE_E_FIRST...OLE_E_LAST
OLE_S_FIRST...OLE_S_LAST
REGDB_E_FIRST...REGDB_E_LAST
REGDB_S_FIRST...REGDB_S_LAST
VIEW_E_FIRST...VIEW_E_LAST
VIEW_S_FIRST...VIEW_S_LAST
FACILITY_WINDOWS
severity: %s, facility: %s ($lX)
range: %s ($lX)
%s ($lX)
Warning: constructing COleException, scode = %s.
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlalloc.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlcomcli.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlsimpstr.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\cstringt.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlconv.h
F%s (%s:%d)
%s (%s:%d)
ntdll.dll
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Software\Microsoft\Windows\CurrentVersion\Policies\Network
Software\Microsoft\Windows\CurrentVersion\Policies\Comdlg32
%s%s.dll
If:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winfrm.cpp
Error: failed to execute DDE command '%s'.
Warning: DDE command '%s' ignored because window is disabled.
Can't register window class named %s
Afx:%p:%x:%p:%p:%p
Afx:%p:%x
WinHelp: pszHelpFile = '%s', dwData: $%lx, fuCommand: %d.
HtmlHelp: pszHelpFile = '%s', dwData: $%lx, fuCommand: %d.
accKeyboardShortcut
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlcom.h
commctrl_DragListMsg
pMRU: open file (%d) '%s'.
If:\dd\vctools\vc7libs\ship\atlmfc\include\afxwin2.inl
Binding entry %d failed. Status: %d
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlbase.h
GetData failed - HRESULT = 0x%X
m_pColumnInfo[nColumn].ulColumnSize == sizeof(ctype)
ERROR: Dialog named '%s' must have the child style.
ERROR: Dialog named '%s' must be invisible.
ERROR: Cannot find dialog template named '%s'.
CLSID\%s
Interface\%s
mfcm90ud.dll
QueryInterface(%s) failed
QueryInterface(%s) succeeded
Icomctl32.dll
Icomdlg32.dll
Ishell32.dll
connecting to socket address '%s'
resolved name for %s!
resolving name for %s
Warning: destroying an open %s with handle %8.8X
Warning: Disconnecting %s handle %8.8X in context %8.8X at destruction.
JHTTP/1.0
WININET.DLL
Warning: could not get volume information '%s'.
Warning: could not parse the path '%s'. Path is too long.
Warning: could not parse the path '%s'.
CFile exception: %hs, File %s, OS error information = %ld.
user32.dll
AppMsg
WinMsg
CmdRouting
%s: hwnd=0xX, msg = 0xX (0xX, 0xX)
%s: hwnd=0xX, msg = %hs (0xX, 0xX)
%s: Advise item='%s', Format='%s', Ack=%d, Defer Update= %d
%s: Execute '%s'.
0xx
Jf:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winctrl2.cpp
Warning: OleInitialize returned scode = %s.
mscoree.dll
nf:\dd\vctools\crt_bld\self_x86\crt\src\xstring
f:\dd\vctools\vc7libs\ship\atlmfc\src\atl\atls\atldebugapi.cpp
%S(%d) :
ppCategory && pfnCrtDbgReport
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlmem.h
f:\dd\vctools\vc7libs\ship\atlmfc\include\atltime.inl
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlbase.inl
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlcomtime.inl
f:\dd\vctools\vc7libs\ship\atlmfc\include\atlcore.h
f:\dd\vctools\vc7libs\ship\atlmfc\src\atl\atls\allocate.cpp
f:\dd\vctools\vc7libs\ship\atlmfc\src\atl\atls\atltracemodulemanager.h
f:\dd\vctools\crt_bld\self_x86\crt\src\memcpy_s.c
f:\dd\vctools\crt_bld\self_x86\crt\src\memmove_s.c
mode == _CRT_RPTHOOK_INSTALL || mode == _CRT_RPTHOOK_REMOVE
wcscpy_s(szOutMessage, 4096, L"_CrtDbgReport: String too long or IO Error")
memcpy_s(szShortProgName, sizeof(TCHAR) * (260 - (szShortProgName - szExeName)), dotdotdot, sizeof(TCHAR) * 3)
wcscpy_s(szExeName, 260, L"<program name unknown>")
__crtMessageWindowW
f:\dd\vctools\crt_bld\self_x86\crt\src\vswprint.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tcscat_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\dbgheap.c
_CrtCheckMemory()
_CrtIsValidHeapPointer(pUserData)
_CrtSetDbgFlag
(fNewBits==_CRTDBG_REPORT_FLAG) || ((fNewBits & 0x0ffff & ~(_CRTDBG_ALLOC_MEM_DF | _CRTDBG_DELAY_FREE_MEM_DF | _CRTDBG_CHECK_ALWAYS_DF | _CRTDBG_CHECK_CRT_DF | _CRTDBG_LEAK_CHECK_DF) ) == 0)
_CrtMemCheckpoint
f:\dd\vctools\crt_bld\self_x86\crt\src\vsprintf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fclose.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fread.c
f:\dd\vctools\crt_bld\self_x86\crt\src\rewind.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ftell.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fseek.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fopen.c
f:\dd\vctools\crt_bld\self_x86\crt\src\printf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\strtol.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tcscpy_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\stat64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcsicmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tmakepath_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\wcstombs.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tsplitpath_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\fgetc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fputc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ungetc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ungetc_nolock.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\fwrite.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fgetpos.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fsetpos.c
f:\dd\vctools\crt_bld\self_x86\crt\src\loctim64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wprintf.c
nf:\dd\vctools\crt_bld\self_x86\crt\src\strftime.c
("Invalid MBCS character sequence passed to strftime",0)
("Invalid MBCS character sequence passed into strftime",0)
f:\dd\vctools\crt_bld\self_x86\crt\src\malloc.h
("Corrupted pointer passed to _freea", 0)
f:\dd\vctools\crt_bld\self_x86\crt\src\fprintf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mktime64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcslwr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\atof.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wtof.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcstol.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcsupr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbstowcs.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsinc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsstr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbschr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\tcsncpy_s.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\wcsdup.c
f:\dd\vctools\crt_bld\self_x86\crt\src\xtoa.c
U_CrtSetReportHook2
strcpy_s(szOutMessage, 4096, "_CrtDbgReport: String too long or IO Error")
strcpy_s(szExeName, 260, "<program name unknown>")
__crtMessageWindowA
f:\dd\vctools\crt_bld\self_x86\crt\src\fullpath.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fileno.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fdopen.c
f:\dd\vctools\crt_bld\self_x86\crt\src\feoferr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fputws.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fgets.c
f:\dd\vctools\crt_bld\self_x86\crt\src\clearerr.c
fMode == _CRTDBG_REPORT_MODE || (fMode & ~(_CRTDBG_MODE_FILE | _CRTDBG_MODE_DEBUG | _CRTDBG_MODE_WNDW)) == 0
_CrtSetReportMode
f:\dd\vctools\crt_bld\self_x86\crt\src\dbgrptt.c
nRptType >= 0 && nRptType < _CRT_ERRCNT
wcscpy_s(szOutMessage2, 4096, L"_CrtDbgReport: String too long or Invalid characters in String")
strcpy_s(szUserMessage, 4096, "_CrtDbgReport: String too long or IO Error")
_VCrtDbgReportA
strcpy_s(szOutMessage2, 4096, "_CrtDbgReport: String too long or Invalid characters in String")
wcscpy_s(szUserMessage, 4096, L"_CrtDbgReport: String too long or IO Error")
_VCrtDbgReportW
((ptloci->lc_category[category].wlocale != NULL) && (ptloci->lc_category[category].wrefcount != NULL)) || ((ptloci->lc_category[category].wlocale == NULL) && (ptloci->lc_category[category].wrefcount == NULL))
f:\dd\vctools\crt_bld\self_x86\crt\src\a_cmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\strtod.c
f:\dd\vctools\crt_bld\self_x86\crt\src\gmtime64.c
KERNEL32.DLL
strcat_s(outmsg, (sizeof(outmsg) / sizeof(outmsg[0])), rterrs[tblindx].rterrtxt)
strcat_s(outmsg, (sizeof(outmsg) / sizeof(outmsg[0])), "\n\n")
strcpy_s(outmsg, (sizeof(outmsg) / sizeof(outmsg[0])), "Runtime Error!\n\nProgram: ")
_NMSG_WRITE
f:\dd\vctools\crt_bld\self_x86\crt\src\crt0msg.c
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\eh\typname.cpp
f:\dd\vctools\crt_bld\self_x86\crt\src\winsig.c
WUSER32.DLL
f:\dd\vctools\crt_bld\self_x86\crt\src\_flsbuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\intel\fp8.c
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\conv\cvt.c
f:\dd\vctools\crt_bld\self_x86\crt\src\isctype.c
f:\dd\vctools\crt_bld\self_x86\crt\src\expand.c
f:\dd\vctools\crt_bld\self_x86\crt\src\close.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_freebuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_filbuf.c
f:\dd\vctools\crt_bld\self_x86\crt\src\lseek.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_open.c
f:\dd\vctools\crt_bld\self_x86\crt\src\dtoxtm64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\commit.c
f:\dd\vctools\crt_bld\self_x86\crt\src\write.c
f:\dd\vctools\crt_bld\self_x86\crt\src\ftelli64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\fseeki64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\timeset.c
f:\dd\vctools\crt_bld\self_x86\crt\src\stricmp.c
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\include\strgtold12.inl
f:\dd\vctools\crt_bld\self_x86\crt\src\getcwd.c
strcpy_s(resultstr, resultsize, autofos.man)
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\conv\cfout.c
f:\dd\vctools\crt_bld\self_x86\crt\src\getqloc.c
f:\dd\vctools\crt_bld\self_x86\crt\src\errmode.c
f:\dd\vctools\crt_bld\self_x86\crt\src\lseeki64.c
f:\dd\vctools\crt_bld\self_x86\crt\src\isatty.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbtowc.c
_loc_update.GetLocaleT()->locinfo->mb_cur_max == 1 || _loc_update.GetLocaleT()->locinfo->mb_cur_max == 2
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\tran\contrlfp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\_fptostr.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wctomb.c
f:\dd\vctools\crt_bld\self_x86\crt\src\open.c
0 && "Only UTF-16 little endian & UTF-8 is supported for reads"
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsnbicm.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsnbcmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\getenv.c
f:\dd\vctools\crt_bld\self_x86\crt\prebuild\conv\x10fout.c
f:\dd\vctools\crt_bld\self_x86\crt\src\strnicmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\wcsnicmp.c
f:\dd\vctools\crt_bld\self_x86\crt\src\setmode.c
f:\dd\vctools\crt_bld\self_x86\crt\src\mbsnbico.c
f:\dd\vctools\crt_bld\self_x86\crt\src\strnicol.c
("CRT Logic error during setenv",0)
__crtsetenv
c:\%original file name%.exe
{8856F961-340A-11D0-A96B-00C04FD705A2}
All Files (*.*)
No error message is available.#Attempted an unsupported operation.$A required resource was unavailable.
Command failed.)Insufficient memory to perform operation.PSystem registry entries have been removed and the INI file (if any) was deleted.BNot all of the system registry entries (or INI file) were removed.FThis program requires the file %s, which was not found on this system.tThis program is linked to the missing export %s in the file %s. This machine may have an incompatible version of %s.
Destination disk drive is full.5Unable to read from %1, it is opened by someone else.AUnable to write to %1, it is read-only or opened by someone else.1Encountered an unexpected error while reading %1.1Encountered an unexpected error while writing %1.
#Unable to load mail system support.

%original file name%.exe_944_rwx_005AB000_00003000:




<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"></supportedOS>
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></supportedOS>
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS>
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS>
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></supportedOS>
kernel32.dll
USER32.dll
ADVAPI32.dll
ole32.dll
SHELL32.dll
ShellExecuteW
OLEAUT32.dll
SHLWAPI.dll
GDI32.dll
COMDLG32.dll
WINSPOOL.DRV
COMCTL32.dll
oledlg.dll
urlmon.dll
URLDownloadToFileW
IPHLPAPI.DLL
RPCRT4.dll
OLEACC.dll
WININET.dll

%original file name%.exe_944_rwx_00AB0000_00003000:




The procedure %s could not be located in the DLL %s.
The ordinal %d could not be located in the DLL %s.

iexplore.exe_1804:




%?9-*09,*19}*09
.text
`.data
.rsrc
msvcrt.dll
KERNEL32.dll
NTDLL.DLL
USER32.dll
SHLWAPI.dll
SHDOCVW.dll
Software\Microsoft\Windows\CurrentVersion\Explorer\BrowseNewProcess
IE-X-X
rsabase.dll
System\CurrentControlSet\Control\Windows
dw15 -x -s %u
watson.microsoft.com
IEWatsonURL
%s -h %u
iedw.exe
Iexplore.XPExceptionFilter
jscript.DLL
mshtml.dll
mlang.dll
urlmon.dll
wininet.dll
shdocvw.DLL
browseui.DLL
comctl32.DLL
IEXPLORE.EXE
iexplore.pdb
ADVAPI32.dll
MsgWaitForMultipleObjects
IExplorer.EXE
IIIIIB(II<.Fg
7?_____ZZSSH%
)z.UUUUUUUU
,....Qym
````2```
{.QLQIIIKGKGKGKGKGKG
;33;33;0
8888880
8887080
browseui.dll
shdocvw.dll
6.00.2900.5512 (xpsp.080413-2105)
Windows
Operating System
6.00.2900.5512

JFileManager.exe_2052_rwx_01040000_00010000:




j5j2j%U

JFileManager.exe_2052_rwx_013C0000_00010000:




{08.{@8.{

JFileManager.exe_2052_rwx_04000000_0000C000:




9y%u=






Remove it with Ad-Aware




    

  1. Click (here) to download and install Ad-Aware Free Antivirus.
    2. 

  2. Update the definition files.
    3. 

  3. Run a full scan of your computer.
    4. 





Manual removal*




    

  1. Terminate malicious process(es) (How to End a Process With the Task Manager):
    

    jfilemanagersetup.exe:1980
    

    2. 

  2. Delete the original Trojan file.
    3. 

  3. Delete or disinfect the following files created/modified by the Trojan:
    

    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\C9U7WXIF\JFileManagerSetup[1].exe (1014662 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\msjava[1].dll (465777 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\bullet-short[1].gif (54 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\SHYFG96R\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\SHYFG96R\loadingBar[1].gif (7422 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Cookies\Current_User@getipintel[1].txt (221 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\KLEFGDIV\loading-install[1].gif (7 bytes)
    %Documents and Settings%\%current user%\Cookies\index.dat (400 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\KLEFGDIV\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\SHYFG96R\progress-bar[1].png (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\C9U7WXIF\style[1].css (3073 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CTI3WL23\i-download[1].png (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\C9U7WXIF\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Local Settings\Application Data\Setup Wizard\c54747b6-b9f3-4091-9baf-f1ed791ee404\jfilemanagersetup.exe (1014662 bytes)
    %System%\wbem\Logs\wbemprox.log (225 bytes)
    %Program Files%\JFileManager\Languages\Italian.gif (934 bytes)
    %Program Files%\JFileManager\Languages\Hindi.ini (2 bytes)
    %Program Files%\JFileManager\Languages\Italian.ini (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temp\nse3.tmp\nsProcess.dll (4 bytes)
    %Program Files%\JFileManager\icono.ico (12088 bytes)
    %Program Files%\JFileManager\Languages\Hindi.gif (920 bytes)
    %Program Files%\JFileManager\Newtonsoft.Json.dll (12536 bytes)
    %Program Files%\JFileManager\Languages\Spanish.gif (569 bytes)
    %Program Files%\JFileManager\JFileManager.exe (37368 bytes)
    %Program Files%\JFileManager\Languages\English.ini (1 bytes)
    %Program Files%\JFileManager\Languages\French.gif (928 bytes)
    %Program Files%\JFileManager\Languages\Spanish.ini (1 bytes)
    %Program Files%\JFileManager\Languages\Portuguese.ini (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temp\nso2.tmp (126424 bytes)
    %Program Files%\JFileManager\Languages\Hebrew.gif (929 bytes)
    %Program Files%\JFileManager\update.xml (206 bytes)
    %Documents and Settings%\All Users\Start Menu\Programs\JFileManager\JFileManager.lnk (836 bytes)
    %Program Files%\JFileManager\Languages\English.gif (977 bytes)
    %Program Files%\JFileManager\uninstall.exe (3096 bytes)
    %Program Files%\JFileManager\Languages\Portuguese.gif (883 bytes)
    %Documents and Settings%\All Users\Start Menu\Programs\JFileManager\Uninstall JFileManager.lnk (637 bytes)
    %Program Files%\JFileManager\Languages\Chinese (Simplified).ini (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Application Data\JFileManager\Config.ini (190 bytes)
    %Documents and Settings%\%current user%\Local Settings\Application Data\JFileManager\Downloads\Torrents\fastresume.data (2 bytes)
    %Program Files%\JFileManager\ComponentFactory.Krypton.Toolkit.dll (77843 bytes)
    %Program Files%\JFileManager\ClipboardURLCatcher.jar (2 bytes)
    %Program Files%\JFileManager\jfilemanager.affcode (3 bytes)
    %Program Files%\JFileManager\Languages\French.ini (1 bytes)
    %Program Files%\JFileManager\jfilemanager.uidnum (23 bytes)
    %Program Files%\JFileManager\Languages\Hebrew.ini (1 bytes)
    %Program Files%\JFileManager\Languages\Chinese (Simplified).gif (941 bytes)
    %Documents and Settings%\%current user%\Local Settings\Application Data\JFileManager\Downloads\Torrents\DhtNodes (2 bytes)
    %Program Files%\JFileManager\Languages\German.gif (916 bytes)
    %Documents and Settings%\All Users\Start Menu\Programs\Startup\WebBrowserJFile.lnk (1 bytes)
    %Program Files%\JFileManager\WebBrowser.exe (5064 bytes)
    %Documents and Settings%\All Users\Desktop\JFileManager.lnk (824 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temp\nse3.tmp\System.dll (11 bytes)
    %Program Files%\JFileManager\Languages\German.ini (1 bytes)
    %Program Files%\JFileManager\dotNetFx40_Full_setup.exe (30344 bytes)
    %Program Files%\JFileManager\LTV.exe (6 bytes)
    

    4. 

  4. Clean the Temporary Internet Files folder, which may contain infected files (How to clean Temporary Internet Files folder).
    5. 

  5. Reboot the computer.
    6. 



*Manual removal may cause unexpected system behaviour and should be performed at your own risk.












 
 




 
No votes yet












				


							


			

				
					  
							

		

		


					
							

	

	
	        


	

        
      
 

      
      

      
    
 

    
  
 

		


		

		
			

			

				

					Lavasoft is the maker of Ad-Aware,
					the world's most popular anti-malware 
					software with over 450 million 
					downloads.
				

				

					© 2026 Lavasoft. All rights reserved.

					Terms Of Use |   Privacy Policy
					


								

			


		

		


	

	
	

	

		x
		
Our best antivirus yet!

		
Fresh new look. Faster scanning. Better protection.

		

			
Enjoy unique new features, lightning fast scans and a simple yet beautiful new look in our best antivirus yet!

			
For a quicker, lighter and more secure experience, download the all new adaware antivirus 12 now!

			
			Download adaware antivirus 12
		

		No thanks, continue to lavasoft.com
	

	

		

			close x
			
Discover the new adaware antivirus 12

			
Our best antivirus yet

			Download Now