!This program cannot be run in DOS mode.
P`.data
.rdata
`@.bss
.idata
libgcj_s.dll
_Jv_RegisterClasses
../../runtime/pseudo-reloc.c
VirtualQuery (addr, &b, sizeof(b))
../../../../gcc-4.4.1/libgcc/../gcc/config/i386/cygming-shared-data.c
0 && "Couldn't retrieve name of GCClib shared data atom"
ret->size == sizeof(__cygming_shared) && "GCClib shared data size mismatch"
0 && "Couldn't add GCClib shared data atom"
-GCCLIBCYGMING-EH-TDM1-SJLJ-GTHR-MINGW32
AddAtomA
CloseHandle
CopyFileW
CreateFileW
ExitProcess
FindAtomA
FindResourceW
GetAtomNameA
GetCommandLineA
GetDateFormatW
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetShortPathNameW
GetStartupInfoA
GetTempPathW
GetTimeFormatW
LoadResource
OutputDebugStringW
SetFilePointer
SetUnhandledExceptionFilter
SizeofResource
VirtualProtect
VirtualQuery
WriteFile
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_onexit
_setmode
atexit
malloc
memcpy
signal
wcscat
wcscmp
wcslen
wcsncat
wcsncpy
ShellExecuteW
DialogBoxParamW
EndDialog
MessageBoxW
KERNEL32.dll
msvcrt.dll
SHELL32.DLL
USER32.dll
!This program cannot be run in DOS mode.
P`.data
.rdata
`@.bss
.idata
libgcj_s.dll
_Jv_RegisterClasses
../../runtime/pseudo-reloc.c
VirtualQuery (addr, &b, sizeof(b))
../../../../gcc-4.4.1/libgcc/../gcc/config/i386/cygming-shared-data.c
0 && "Couldn't retrieve name of GCClib shared data atom"
ret->size == sizeof(__cygming_shared) && "GCClib shared data size mismatch"
0 && "Couldn't add GCClib shared data atom"
-GCCLIBCYGMING-EH-TDM1-SJLJ-GTHR-MINGW32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
AddAtomA
CloseHandle
CopyFileW
CreateFileW
DeleteFileW
ExitProcess
FindAtomA
FindResourceW
GetAtomNameA
GetDateFormatW
GetFileAttributesW
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetShortPathNameW
GetTempPathW
GetTimeFormatW
LoadResource
OutputDebugStringW
SetFileAttributesW
SetFilePointer
SetUnhandledExceptionFilter
SizeofResource
VirtualProtect
VirtualQuery
WriteFile
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_onexit
_setmode
atexit
malloc
memcpy
signal
wcscat
wcslen
wcsncat
wcsncpy
ShellExecuteW
ADVAPI32.DLL
KERNEL32.dll
msvcrt.dll
SHELL32.DLL
!This program cannot be run in DOS mode.
P`.data
.rdata
`@.bss
.edata
0@.idata
.reloc
}$;] t-
@DCUNG
libgcj_s.dll
_Jv_RegisterClasses
AcsHlpAttemptConnection
AcsHlpNbConnection
AcsHlpNoteNewConnection
WSAttemptAutodialAddr
WSAttemptAutodialName
WSNoteSuccessfulHostentLookup
istd::exception
std::bad_exception
__gnu_cxx::__concurrence_lock_error
__gnu_cxx::__concurrence_unlock_error
pure virtual method called
../../runtime/pseudo-reloc.c
VirtualQuery (addr, &b, sizeof(b))
../../../../gcc-4.4.1/libgcc/../gcc/config/i386/cygming-shared-data.c
0 && "Couldn't retrieve name of GCClib shared data atom"
ret->size == sizeof(__cygming_shared) && "GCClib shared data size mismatch"
0 && "Couldn't add GCClib shared data atom"
-GCCLIBCYGMING-EH-TDM1-SJLJ-GTHR-MINGW32
N10__cxxabiv115__forced_unwindE
N10__cxxabiv117__class_type_infoE
N10__cxxabiv119__foreign_exceptionE
N10__cxxabiv120__si_class_type_infoE
N9__gnu_cxx24__concurrence_lock_errorE
N9__gnu_cxx26__concurrence_unlock_errorE
St13bad_exception
St9exception
St9type_info
rasadhlp.dll
AcsHlpAttemptConnection
AcsHlpNbConnection
AcsHlpNoteNewConnection
WSAttemptAutodialAddr
WSAttemptAutodialName
WSNoteSuccessfulHostentLookup
CoInitialize
CoUninitialize
ObjectFromLresult
SysAllocString
SysFreeString
AddAtomA
CloseHandle
CreateSemaphoreA
CreateThread
DisableThreadLibraryCalls
FindAtomA
GetAtomNameA
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
ReleaseSemaphore
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
_write
__dllonexit
_assert
_errno
fflush
malloc
memcpy
strcmp
wcscmp
wcslen
wcsncat
DispatchMessageW
EnumChildWindows
FindWindowExW
FindWindowW
GetClassNameW
GetCursorPos
GetMessageW
KillTimer
RegisterWindowMessageW
SendMessageTimeoutW
SetTimer
TranslateMessage
WindowFromPoint
OLE32.dll
Oleacc.dll
OLEAUT32.DLL
KERNEL32.dll
msvcrt.dll
msvcrt.dll
USER32.dll
0=0E0i0s0
2!212P2t2
3*3I3e3l3y3
5;5E5X5
707A7w7
9<<C<P<F=a=i=q=
3(383H3X3h3t3
8;8c8}8
8;9T9`9
9-:4:A:U:]:y:
<#<9<@<M<b<k<
=(=G=O=W=
>(>.>9>[>c>k>
?k?p?{?
0:0B0J0
0G1M1X1r1
666;6D6R6Z6d6n6w6
8,8H8T8g8
>)?R?i?
6&6.666>6F6N6V6^6f6n6v6~6
7&7.767>7~7
@:D:H:L:P:T:X:\:`:d:h:l:p:
?$?(?,?0?4?8?<?@?D?H?d?h?l?p?|?
0*1(0&
�Alimama.com Corporation Root CA0
101231160000Z
121231160000Z0*1(0&
�Alimama.com Corporation Root CA0
,0*1(0&
�Alimama.com Corporation Root CA
.E/!_aW&c*0
VeriSign, Inc.1+0)
"VeriSign Time Stamping Services CA0
070615000000Z
120614235959Z0\1
VeriSign, Inc.1402
+VeriSign Time Stamping Services Signer - G20
6^bMRQ4q
JcEG.k
http://ocsp.verisign.com0
"http://crl.verisign.com/tss-ca.crl0
TSA1-20
Western Cape1
Durbanville1
Thawte1
Thawte Certification1�0
Thawte Timestamping CA0
031204000000Z
131203235959Z0S1
VeriSign, Inc.1+0)
"VeriSign Time Stamping Services CA0
http://ocsp.verisign.com0
0http://crl.verisign.com/ThawteTimestampingCA.crl0
TSA2048-1-530
?7!Op1
0>0*1(0&
�Alimama.com Corporation Root CA
l7�/W
VeriSign, Inc.1+0)
"VeriSign Time Stamping Services CA
110706131615Z0#
UG<{-sUb
!This program cannot be run in DOS mode.
P`.data
.rdata
`@.bss
.idata
0*1(0&
�Alimama.com Corporation Root CA0
101231160000Z
121231160000Z0*1(0&
�Alimama.com Corporation Root CA0
,0*1(0&
�Alimama.com Corporation Root CA
.E/!_aW&c*
libgcj_s.dll
_Jv_RegisterClasses
../../runtime/pseudo-reloc.c
VirtualQuery (addr, &b, sizeof(b))
../../../../gcc-4.4.1/libgcc/../gcc/config/i386/cygming-shared-data.c
0 && "Couldn't retrieve name of GCClib shared data atom"
ret->size == sizeof(__cygming_shared) && "GCClib shared data size mismatch"
0 && "Couldn't add GCClib shared data atom"
-GCCLIBCYGMING-EH-TDM1-SJLJ-GTHR-MINGW32
waveOutGetVolume
waveOutSetVolume
AddAtomA
CloseHandle
CreateFileW
DeleteFileW
ExitProcess
FindAtomA
GetAtomNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetShortPathNameW
GetTempPathW
OutputDebugStringW
SetUnhandledExceptionFilter
VirtualProtect
VirtualQuery
WriteFile
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_onexit
_setmode
atexit
malloc
memcpy
signal
wcscat
wcslen
wcsncat
ShellExecuteW
DispatchMessageW
FindWindowExW
FindWindowW
GetMessageW
GetWindowLongW
KillTimer
PostMessageW
SetTimer
TranslateMessage
keybd_event
WINMM.DLL
KERNEL32.dll
msvcrt.dll
SHELL32.DLL
USER32.dll
""r"'"r"!"
r""""""
""""""r"""""" p
r"""""r p
""""""ww"x
'""r"r'"'""r
"'""r"r
wwwwwwwwwwwwwp
222sIII
1112000f
0x77f585c0 referenced memory at 0x00000000. Memory could not be written.
cmd.exe
/c del /A
MAINEXE.exe
23:24:18 PM:10:25..MySelf...0123456789abcdef....
z1TBK_0706.exe
H?aUwtlwfr%KnqjxaNsyjwsjy%J}uqtwjwawfxfimqu3iqq
myyuaxmjqqatujsahtrrfsi
awfxfimqu3iqq
cmd.exe
/c del /A
AddCer.exe
0123456789ABCDEF...MainExe...0123456789abcdef....
_6wfxfimqu3oul
http://www.taobao.com/go/chn/tbk_channel/channelcode.php?pid=mm_12285662_0_0&eventid=101329
http://www.taobao.com/
IEFrame
Internet Explorer_Server
WM_HTML_GETOBJECT
interactive
complete
\rasadhlp.dll
VS_VERSION_INFO
StringFileInfo
080404B0
CompanyName
Microsoft Corporation
FileDescription
Remote Access AutoDial Helper
FileVersion
6, 1, 7600, 16388
InternalName
rasadhlp.dll
LegalCopyright
Microsoft Corporation. All rights reserved.
OriginalFilename
rasadhlp.dll
ProductName
Microsoft Windows Operating System
ProductVersion
6.1.7600.16388
VarFileInfo
Translation
<<<Obsolete>>
cmd.exe
/c del /A
z1yuny4n.cer
rundll32.exe
0123456789ABCDEF...AddCer...0123456789abcdef....
cryptext.dll,CryptExtAddCER
#32770
Button
(&N) >
VS_VERSION_INFO
StringFileInfo
080404B0
CompanyName
Tencent
FileDescription
QQRecycle
FileVersion
1, 61, 2103, 0
InternalName
QQRecycle
LegalCopyright
Copyright 2010 Tencent. All Rights Reserved
OriginalFilename
QQRecycle.exe
ProductName
QQ2011
ProductVersion
1.61.2103.0
VarFileInfo
Translation
VS_VERSION_INFO
StringFileInfo
080404B0
CompanyName
Tencent
FileDescription
QQRecycle
FileVersion
1, 61, 2011, 0
InternalName
QQRecycle
LegalCopyright
Copyright 2010 Tencent. All Rights Reserved
OriginalFilename
QQRecycle.exe
ProductName
QQ2011
ProductVersion
1.61.2011.0
VarFileInfo
Translation
Tahoma
BUTTON
BUTTON
VS_VERSION_INFO
StringFileInfo
080404B0
CompanyName
FileDescription
FileVersion
1, 0, 0, 0
InternalName
LegalCopyright
CopyRigth 2011
LegalTrademarks
OriginalFilename
HPL_TRIAL.exe
ProductName
ProductVersion
1, 0, 0, 0
VarFileInfo
Translation
