[求助]关于Armadillo-加壳脱壳-看雪-安全社区|安全招聘|kanxue.com

最新回复 (6)
bestchao 雪币： 7 能力值： (RANK：50 ) 在线值：发帖 32 回帖 305 粉丝 0 关注私信	bestchao 1 2 楼你的[Overlay] 补上了吗？ 2006-10-16 21:19 0
skype 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 17 粉丝 0 关注私信	skype 3 楼最初由 bestchao* 发布* 你的[Overlay] 补上了吗？这个论坛好bt啊，一天只让我发5贴。我昨晚就想发这个的，结果发现被锁了，只好今天一下班就回来发。 overlay我昨天问过的，不过觉得听得一知半解的。当时不是说是附加数据吗？我不懂，当时还问什么是附加数据。那位朋友给的例子倒是蛮生动的，只是到了.exe文件里是什么概念，我不太懂。朋友你能不能给点指示啊？我现在只会大致地用一下W32ASM和OD。本人觉得自己电脑水平不算差，不过只是以前从没有接触过这些软件罢了。而且我读大学时，没发现这个好地方，不然我早成破解高手了。说不定我的工作和人生也改变了。。。话扯远了，朋友，指点一下吧。 2006-10-16 21:45 0
skype 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 17 粉丝 0 关注私信	skype 4 楼我应该如何修改这个已经被脱的程序，才能把那个广告程序删掉呀？不需要做破解注册之类的，只需要把上来就弹广告的程序弄掉就可以了。我以前只用过ResHacker修改一些资源而改，没遇上过这么的例子。请大家教教我吧？先谢谢了 2006-10-17 21:51 0
bestchao 雪币： 7 能力值： (RANK：50 ) 在线值：发帖 32 回帖 305 粉丝 0 关注私信	bestchao 1 5 楼最初由 skype* 发布* 我应该如何修改这个已经被脱的程序，才能把那个广告程序删掉呀？不需要做破解注册之类的，只需要把上来就弹广告的程序弄掉就可以了。我以前只用过ResHacker修改一些资源而改，没遇上过这么的例子。请大家教教我吧？先谢谢了这些问题可以参考 “看雪精华合集”的文章下载地址就去baidu.com搜索看雪破解大礼包就可以找到拉 2006-10-17 23:24 0
hongbin 雪币： 205 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 12 回帖 32 粉丝 0 关注私信	hongbin 6 楼简直就是一个郁闷.现在这个壳到好一载入直接提示有调试运行自动关闭 2006-10-20 10:54 0
skype 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 17 粉丝 0 关注私信	skype 7 楼用一个叫mm_dillodie1.6的程序居然自动把它脱掉了。（不好意思，急于帮人解决问题，先自动能脱就脱吧。）脱掉以后，发现这东西还是双进程，一启动就上来一个广告，我想把它弄掉，关掉窗口时，会显示： If you close the sponsor window, you will close all Free Tools.Are you sure? 于是，一按，整个程序全被关掉了。我用W32ASM打开它，并没有找到sponsor之类的字串，用OD打开，也没有找到。按理说，用PEiD查出来没有加密，就应该能找到这个sponsor的字串的呀，为什么查不到呢？百丝不得其解。。。难道在相关的dll中？用FileMon查了一下，启动时也没载入什么文件啊。用dir得到的目录列表： hypersrv.exe Exchanges.dat ExchangesDefs.txt cache.map bridge.dll ActualDatafeed.chm HyperServerLite.chm Exchanges.map cache.dat dilloDIE.log hypersrv.exe.dDIE.exe（自动脱壳脱掉的文件）现在问题是，我应该如何修改这个已经被脱的程序，才能把那个广告程序删掉呀？不需要做破解注册之类的，只需要把上来就弹广告的程序弄掉就可以了。请大家教教我吧？先谢谢了附上dilloDIE.log的日志文件 ++++++++++++++ CreateProcess... --> Filename: hypersrv.exe --> Process ID: 00001738 Debugblocker detected... Entering Child Process... --> Process ID: 0000174C IAT Initialization hooked... --> 010B99EE Rebuilding Import Table... --> Thunk @ 0066A2A8 = kernel32.dll!GetCurrentThreadId --> Thunk @ 0066A2AC = kernel32.dll!DeleteCriticalSection --> Thunk @ 0066A2B0 = kernel32.dll!LeaveCriticalSection --> Thunk @ 0066A2B4 = kernel32.dll!EnterCriticalSection --> Thunk @ 0066A2B8 = kernel32.dll!InitializeCriticalSection --> Thunk @ 0066A2BC = kernel32.dll!VirtualFree --> Thunk @ 0066A2C0 = kernel32.dll!VirtualAlloc --> Thunk @ 0066A2C4 = kernel32.dll!LocalFree --> Thunk @ 0066A2C8 = kernel32.dll!LocalAlloc --> Thunk @ 0066A2CC = kernel32.dll!InterlockedDecrement --> Thunk @ 0066A2D0 = kernel32.dll!InterlockedIncrement --> Thunk @ 0066A2D4 = kernel32.dll!VirtualQuery --> Thunk @ 0066A2D8 = kernel32.dll!WideCharToMultiByte --> Thunk @ 0066A2DC = kernel32.dll!MultiByteToWideChar --> Thunk @ 0066A2E0 = kernel32.dll!lstrlenA --> Thunk @ 0066A2E4 = kernel32.dll!lstrcpynA --> Thunk @ 0066A2E8 = kernel32.dll!lstrcpyA --> Thunk @ 0066A2EC = kernel32.dll!LoadLibraryExA --> Thunk @ 0066A2F0 = kernel32.dll!GetThreadLocale --> Thunk @ 0066A2F4 = kernel32.dll!GetStartupInfoA --> Thunk @ 0066A2F8 = kernel32.dll!GetProcAddress --> Thunk @ 0066A2FC = kernel32.dll!GetModuleHandleA --> Thunk @ 0066A300 = kernel32.dll!GetModuleFileNameA --> Thunk @ 0066A304 = kernel32.dll!GetLocaleInfoA --> Thunk @ 0066A308 = kernel32.dll!GetLastError --> Thunk @ 0066A30C = kernel32.dll!GetCommandLineA --> Thunk @ 0066A310 = kernel32.dll!FreeLibrary --> Thunk @ 0066A314 = kernel32.dll!FindFirstFileA --> Thunk @ 0066A318 = kernel32.dll!FindClose --> Thunk @ 0066A31C = kernel32.dll!ExitProcess --> Thunk @ 0066A320 = kernel32.dll!ExitThread --> Thunk @ 0066A324 = kernel32.dll!CreateThread --> Thunk @ 0066A328 = kernel32.dll!WriteFile --> Thunk @ 0066A32C = kernel32.dll!UnhandledExceptionFilter --> Thunk @ 0066A330 = kernel32.dll!SetFilePointer --> Thunk @ 0066A334 = kernel32.dll!SetEndOfFile --> Thunk @ 0066A338 = kernel32.dll!RtlUnwind --> Thunk @ 0066A33C = kernel32.dll!ReadFile --> Thunk @ 0066A340 = kernel32.dll!RaiseException --> Thunk @ 0066A344 = kernel32.dll!GetStdHandle --> Thunk @ 0066A348 = kernel32.dll!GetFileSize --> Thunk @ 0066A34C = kernel32.dll!GetSystemTime --> Thunk @ 0066A350 = kernel32.dll!GetFileType --> Thunk @ 0066A354 = kernel32.dll!CreateFileA --> Thunk @ 0066A358 = kernel32.dll!CloseHandle --> Thunk @ 0066A360 = user32.dll!GetKeyboardType --> Thunk @ 0066A364 = user32.dll!LoadStringA --> Thunk @ 0066A368 = user32.dll!MessageBoxA --> Thunk @ 0066A36C = user32.dll!CharNextA --> Thunk @ 0066A374 = advapi32.dll!RegQueryValueExA --> Thunk @ 0066A378 = advapi32.dll!RegOpenKeyExA --> Thunk @ 0066A37C = advapi32.dll!RegCloseKey --> Thunk @ 0066A384 = oleaut32.dll!SafeArrayPutElement --> Thunk @ 0066A388 = oleaut32.dll!SafeArrayPtrOfIndex --> Thunk @ 0066A38C = oleaut32.dll!SafeArrayGetElement --> Thunk @ 0066A390 = oleaut32.dll!SafeArrayUnaccessData --> Thunk @ 0066A394 = oleaut32.dll!SafeArrayAccessData --> Thunk @ 0066A398 = oleaut32.dll!SafeArrayGetUBound --> Thunk @ 0066A39C = oleaut32.dll!SafeArrayCreate --> Thunk @ 0066A3A0 = oleaut32.dll!VariantChangeTypeEx --> Thunk @ 0066A3A4 = oleaut32.dll!VariantCopyInd --> Thunk @ 0066A3A8 = oleaut32.dll!VariantClear --> Thunk @ 0066A3AC = oleaut32.dll!SysStringLen --> Thunk @ 0066A3B0 = oleaut32.dll!SysFreeString --> Thunk @ 0066A3B4 = oleaut32.dll!SysReAllocStringLen --> Thunk @ 0066A3B8 = oleaut32.dll!SysAllocStringLen --> Thunk @ 0066A3C0 = kernel32.dll!TlsSetValue --> Thunk @ 0066A3C4 = kernel32.dll!TlsGetValue --> Thunk @ 0066A3C8 = kernel32.dll!LocalAlloc --> Thunk @ 0066A3CC = kernel32.dll!GetModuleHandleA --> Thunk @ 0066A3D0 = kernel32.dll!GetModuleFileNameA --> Thunk @ 0066A3D8 = borlndmm.dll!@Borlndmm@SysGetMem$qqri --> Thunk @ 0066A3E0 = kernel32.dll!GetProcAddress --> Thunk @ 0066A3E4 = kernel32.dll!GetModuleHandleA --> Thunk @ 0066A3EC = advapi32.dll!RegSetValueExA --> Thunk @ 0066A3F0 = advapi32.dll!RegQueryValueExA --> Thunk @ 0066A3F4 = advapi32.dll!RegQueryInfoKeyA --> Thunk @ 0066A3F8 = advapi32.dll!RegOpenKeyExA --> Thunk @ 0066A3FC = advapi32.dll!RegFlushKey --> Thunk @ 0066A400 = advapi32.dll!RegEnumValueA --> Thunk @ 0066A404 = advapi32.dll!RegEnumKeyExA --> Thunk @ 0066A408 = advapi32.dll!RegDeleteValueA --> Thunk @ 0066A40C = advapi32.dll!RegDeleteKeyA --> Thunk @ 0066A410 = advapi32.dll!RegCreateKeyExA --> Thunk @ 0066A414 = advapi32.dll!RegCloseKey --> Thunk @ 0066A41C = kernel32.dll!lstrcpyA --> Thunk @ 0066A420 = kernel32.dll!lstrcmpA --> Thunk @ 0066A424 = kernel32.dll!WritePrivateProfileStringA --> Thunk @ 0066A428 = kernel32.dll!WriteFile --> Thunk @ 0066A42C = kernel32.dll!WideCharToMultiByte --> Thunk @ 0066A430 = kernel32.dll!WaitForSingleObject --> Thunk @ 0066A434 = kernel32.dll!WaitForMultipleObjects --> Thunk @ 0066A438 = kernel32.dll!VirtualQueryEx --> Thunk @ 0066A43C = kernel32.dll!VirtualQuery --> Thunk @ 0066A440 = kernel32.dll!VirtualFree --> Thunk @ 0066A444 = kernel32.dll!VirtualAlloc --> Thunk @ 0066A448 = kernel32.dll!VerLanguageNameA --> Thunk @ 0066A44C = kernel32.dll!UnmapViewOfFile --> Thunk @ 0066A450 = kernel32.dll!TerminateThread --> Thunk @ 0066A454 = kernel32.dll!SystemTimeToFileTime --> Thunk @ 0066A458 = kernel32.dll!Sleep --> Thunk @ 0066A45C = kernel32.dll!SizeofResource --> Thunk @ 0066A460 = kernel32.dll!SetThreadPriority --> Thunk @ 0066A464 = kernel32.dll!SetThreadLocale --> Thunk @ 0066A468 = kernel32.dll!SetLastError --> Thunk @ 0066A46C = kernel32.dll!SetFilePointer --> Thunk @ 0066A470 = kernel32.dll!SetEvent --> Thunk @ 0066A474 = kernel32.dll!SetErrorMode --> Thunk @ 0066A478 = kernel32.dll!SetEndOfFile --> Thunk @ 0066A47C = kernel32.dll!SetCurrentDirectoryA --> Thunk @ 0066A480 = kernel32.dll!ResumeThread --> Thunk @ 0066A484 = kernel32.dll!ResetEvent --> Thunk @ 0066A488 = kernel32.dll!RemoveDirectoryA --> Thunk @ 0066A48C = kernel32.dll!ReleaseSemaphore --> Thunk @ 0066A490 = kernel32.dll!ReleaseMutex --> Thunk @ 0066A494 = kernel32.dll!ReadFile --> Thunk @ 0066A498 = kernel32.dll!QueryPerformanceFrequency --> Thunk @ 0066A49C = kernel32.dll!OutputDebugStringA --> Thunk @ 0066A4A0 = kernel32.dll!OpenProcess --> Thunk @ 0066A4A4 = kernel32.dll!MultiByteToWideChar --> Thunk @ 0066A4A8 = kernel32.dll!MulDiv --> Thunk @ 0066A4AC = kernel32.dll!MoveFileA --> Thunk @ 0066A4B0 = kernel32.dll!MapViewOfFile --> Thunk @ 0066A4B4 = kernel32.dll!LockResource --> Thunk @ 0066A4B8 = kernel32.dll!LoadResource --> Thunk @ 0066A4BC = kernel32.dll!LoadLibraryA --> Thunk @ 0066A4C0 = kernel32.dll!LeaveCriticalSection --> Thunk @ 0066A4C4 = kernel32.dll!IsBadReadPtr --> Thunk @ 0066A4C8 = kernel32.dll!IsBadCodePtr --> Thunk @ 0066A4CC = kernel32.dll!InitializeCriticalSectionAndSpinCount --> Thunk @ 0066A4D0 = kernel32.dll!InitializeCriticalSection --> Thunk @ 0066A4D4 = kernel32.dll!GlobalUnlock --> Thunk @ 0066A4D8 = kernel32.dll!GlobalSize --> Thunk @ 0066A4DC = kernel32.dll!GlobalReAlloc --> Thunk @ 0066A4E0 = kernel32.dll!GlobalHandle --> Thunk @ 0066A4E4 = kernel32.dll!GlobalLock --> Thunk @ 0066A4E8 = kernel32.dll!GlobalFree --> Thunk @ 0066A4EC = kernel32.dll!GlobalDeleteAtom --> Thunk @ 0066A4F0 = kernel32.dll!GlobalAlloc --> Thunk @ 0066A4F4 = kernel32.dll!GlobalAddAtomA --> Thunk @ 0066A4F8 = kernel32.dll!GetVolumeInformationA --> Thunk @ 0066A4FC = kernel32.dll!GetVersionExA --> Thunk @ 0066A500 = kernel32.dll!GetVersion --> Thunk @ 0066A504 = kernel32.dll!GetTimeZoneInformation --> Thunk @ 0066A508 = kernel32.dll!GetTimeFormatA --> Thunk @ 0066A50C = kernel32.dll!GetTickCount --> Thunk @ 0066A510 = kernel32.dll!GetThreadLocale --> Thunk @ 0066A514 = kernel32.dll!GetTempPathA --> Thunk @ 0066A518 = kernel32.dll!GetSystemTime --> Thunk @ 0066A51C = kernel32.dll!GetSystemInfo --> Thunk @ 0066A520 = kernel32.dll!GetStringTypeExA --> Thunk @ 0066A524 = kernel32.dll!GetProcAddress --> Thunk @ 0066A528 = kernel32.dll!GetPrivateProfileStringA --> Thunk @ 0066A52C = kernel32.dll!GetOverlappedResult --> Thunk @ 0066A530 = kernel32.dll!GetModuleHandleA --> Thunk @ 0066A534 = kernel32.dll!GetModuleFileNameA --> Thunk @ 0066A538 = kernel32.dll!GetLocaleInfoA --> Thunk @ 0066A53C = kernel32.dll!GetLocalTime --> Thunk @ 0066A540 = kernel32.dll!GetLastError --> Thunk @ 0066A544 = kernel32.dll!GetFileSize --> Thunk @ 0066A548 = kernel32.dll!GetFileAttributesExA --> Thunk @ 0066A54C = kernel32.dll!GetFileAttributesA --> Thunk @ 0066A550 = kernel32.dll!GetExitCodeThread --> Thunk @ 0066A554 = kernel32.dll!GetDriveTypeA --> Thunk @ 0066A558 = kernel32.dll!GetDiskFreeSpaceA --> Thunk @ 0066A55C = kernel32.dll!GetDateFormatA --> Thunk @ 0066A560 = kernel32.dll!GetCurrentThreadId --> Thunk @ 0066A564 = kernel32.dll!GetCurrentProcessId --> Thunk @ 0066A568 = kernel32.dll!GetCurrentProcess --> Thunk @ 0066A56C = kernel32.dll!GetComputerNameA --> Thunk @ 0066A570 = kernel32.dll!GetCPInfo --> Thunk @ 0066A574 = kernel32.dll!FreeResource --> Thunk @ 0066A578 = kernel32.dll!InterlockedIncrement --> Thunk @ 0066A57C = kernel32.dll!InterlockedExchangeAdd --> Thunk @ 0066A580 = kernel32.dll!InterlockedExchange --> Thunk @ 0066A584 = kernel32.dll!InterlockedDecrement --> Thunk @ 0066A588 = kernel32.dll!FreeLibrary --> Thunk @ 0066A58C = kernel32.dll!FormatMessageA --> Thunk @ 0066A590 = kernel32.dll!FlushFileBuffers --> Thunk @ 0066A594 = kernel32.dll!FindResourceA --> Thunk @ 0066A598 = kernel32.dll!FindNextFileA --> Thunk @ 0066A59C = kernel32.dll!FindFirstFileA --> Thunk @ 0066A5A0 = kernel32.dll!FindClose --> Thunk @ 0066A5A4 = kernel32.dll!FileTimeToSystemTime --> Thunk @ 0066A5A8 = kernel32.dll!FileTimeToLocalFileTime --> Thunk @ 0066A5AC = kernel32.dll!FileTimeToDosDateTime --> Thunk @ 0066A5B0 = kernel32.dll!EnumCalendarInfoA --> Thunk @ 0066A5B4 = kernel32.dll!EnterCriticalSection --> Thunk @ 0066A5B8 = kernel32.dll!DeleteFileA --> Thunk @ 0066A5BC = kernel32.dll!DeleteCriticalSection --> Thunk @ 0066A5C0 = kernel32.dll!CreateThread --> Thunk @ 0066A5C4 = kernel32.dll!CreateSemaphoreA --> Thunk @ 0066A5C8 = kernel32.dll!CreateMutexA --> Thunk @ 0066A5CC = kernel32.dll!CreateFileMappingA --> Thunk @ 0066A5D0 = kernel32.dll!CreateFileA --> Thunk @ 0066A5D4 = kernel32.dll!CreateEventA --> Thunk @ 0066A5D8 = kernel32.dll!CreateDirectoryA --> Thunk @ 0066A5DC = kernel32.dll!CompareStringA --> Thunk @ 0066A5E0 = kernel32.dll!CloseHandle --> Thunk @ 0066A5E8 = version.dll!VerQueryValueA --> Thunk @ 0066A5EC = version.dll!GetFileVersionInfoSizeA --> Thunk @ 0066A5F0 = version.dll!GetFileVersionInfoA --> Thunk @ 0066A5F8 = gdi32.dll!UpdateColors --> Thunk @ 0066A5FC = gdi32.dll!UnrealizeObject --> Thunk @ 0066A600 = gdi32.dll!StretchBlt --> Thunk @ 0066A604 = gdi32.dll!SetWindowOrgEx --> Thunk @ 0066A608 = gdi32.dll!SetWindowExtEx --> Thunk @ 0066A60C = gdi32.dll!SetWinMetaFileBits --> Thunk @ 0066A610 = gdi32.dll!SetViewportOrgEx --> Thunk @ 0066A614 = gdi32.dll!SetViewportExtEx --> Thunk @ 0066A618 = gdi32.dll!SetTextColor --> Thunk @ 0066A61C = gdi32.dll!SetTextAlign --> Thunk @ 0066A620 = gdi32.dll!SetStretchBltMode --> Thunk @ 0066A624 = gdi32.dll!SetROP2 --> Thunk @ 0066A628 = gdi32.dll!SetPixel --> Thunk @ 0066A62C = gdi32.dll!SetMapMode --> Thunk @ 0066A630 = gdi32.dll!SetEnhMetaFileBits --> Thunk @ 0066A634 = gdi32.dll!SetDIBits --> Thunk @ 0066A638 = gdi32.dll!SetDIBColorTable --> Thunk @ 0066A63C = gdi32.dll!SetBrushOrgEx --> Thunk @ 0066A640 = gdi32.dll!SetBkMode --> Thunk @ 0066A644 = gdi32.dll!SetBkColor --> Thunk @ 0066A648 = gdi32.dll!SelectPalette --> Thunk @ 0066A64C = gdi32.dll!SelectObject --> Thunk @ 0066A650 = gdi32.dll!SelectClipRgn --> Thunk @ 0066A654 = gdi32.dll!SaveDC --> Thunk @ 0066A658 = gdi32.dll!RoundRect --> Thunk @ 0066A65C = gdi32.dll!RestoreDC --> Thunk @ 0066A660 = gdi32.dll!Rectangle --> Thunk @ 0066A664 = gdi32.dll!RectVisible --> Thunk @ 0066A668 = gdi32.dll!RealizePalette --> Thunk @ 0066A66C = gdi32.dll!PtInRegion --> Thunk @ 0066A670 = gdi32.dll!Polyline --> Thunk @ 0066A674 = gdi32.dll!Polygon --> Thunk @ 0066A678 = gdi32.dll!PolyPolyline --> Thunk @ 0066A67C = gdi32.dll!PlayEnhMetaFile --> Thunk @ 0066A680 = gdi32.dll!PatBlt --> Thunk @ 0066A684 = gdi32.dll!PaintRgn --> Thunk @ 0066A688 = gdi32.dll!MoveToEx --> Thunk @ 0066A68C = gdi32.dll!MaskBlt --> Thunk @ 0066A690 = gdi32.dll!LineTo --> Thunk @ 0066A694 = gdi32.dll!LPtoDP --> Thunk @ 0066A698 = gdi32.dll!IntersectClipRect --> Thunk @ 0066A69C = gdi32.dll!GetWindowOrgEx --> Thunk @ 0066A6A0 = gdi32.dll!GetWinMetaFileBits --> Thunk @ 0066A6A4 = gdi32.dll!GetViewportOrgEx --> Thunk @ 0066A6A8 = gdi32.dll!GetTextMetricsA --> Thunk @ 0066A6AC = gdi32.dll!GetTextExtentPointA --> Thunk @ 0066A6B0 = gdi32.dll!GetTextExtentPoint32A --> Thunk @ 0066A6B4 = gdi32.dll!GetTextColor --> Thunk @ 0066A6B8 = gdi32.dll!GetTextAlign --> Thunk @ 0066A6BC = gdi32.dll!GetSystemPaletteEntries --> Thunk @ 0066A6C0 = gdi32.dll!GetStockObject --> Thunk @ 0066A6C4 = gdi32.dll!GetRgnBox --> Thunk @ 0066A6C8 = gdi32.dll!GetROP2 --> Thunk @ 0066A6CC = gdi32.dll!GetPixel --> Thunk @ 0066A6D0 = gdi32.dll!GetPaletteEntries --> Thunk @ 0066A6D4 = gdi32.dll!GetObjectType --> Thunk @ 0066A6D8 = gdi32.dll!GetObjectA --> Thunk @ 0066A6DC = gdi32.dll!GetNearestColor --> Thunk @ 0066A6E0 = gdi32.dll!GetEnhMetaFilePaletteEntries --> Thunk @ 0066A6E4 = gdi32.dll!GetEnhMetaFileHeader --> Thunk @ 0066A6E8 = gdi32.dll!GetEnhMetaFileBits --> Thunk @ 0066A6EC = gdi32.dll!GetDeviceCaps --> Thunk @ 0066A6F0 = gdi32.dll!GetDIBits --> Thunk @ 0066A6F4 = gdi32.dll!GetDIBColorTable --> Thunk @ 0066A6F8 = gdi32.dll!GetDCOrgEx --> Thunk @ 0066A6FC = gdi32.dll!GetCurrentPositionEx --> Thunk @ 0066A700 = gdi32.dll!GetCurrentObject --> Thunk @ 0066A704 = gdi32.dll!GetClipRgn --> Thunk @ 0066A708 = gdi32.dll!GetClipBox --> Thunk @ 0066A70C = gdi32.dll!GetBrushOrgEx --> Thunk @ 0066A710 = gdi32.dll!GetBkMode --> Thunk @ 0066A714 = gdi32.dll!GetBkColor --> Thunk @ 0066A718 = gdi32.dll!GetBitmapBits --> Thunk @ 0066A71C = gdi32.dll!GdiFlush --> Thunk @ 0066A720 = gdi32.dll!FrameRgn --> Thunk @ 0066A724 = gdi32.dll!ExtTextOutA --> Thunk @ 0066A728 = gdi32.dll!ExtSelectClipRgn --> Thunk @ 0066A72C = gdi32.dll!ExtCreatePen --> Thunk @ 0066A730 = gdi32.dll!ExcludeClipRect --> Thunk @ 0066A734 = gdi32.dll!Ellipse --> Thunk @ 0066A738 = gdi32.dll!DeleteObject --> Thunk @ 0066A73C = gdi32.dll!DeleteEnhMetaFile --> Thunk @ 0066A740 = gdi32.dll!DeleteDC --> Thunk @ 0066A744 = gdi32.dll!CreateSolidBrush --> Thunk @ 0066A748 = gdi32.dll!CreateRectRgnIndirect --> Thunk @ 0066A74C = gdi32.dll!CreateRectRgn --> Thunk @ 0066A750 = gdi32.dll!CreatePolygonRgn --> Thunk @ 0066A754 = gdi32.dll!CreatePenIndirect --> Thunk @ 0066A758 = gdi32.dll!CreatePen --> Thunk @ 0066A75C = gdi32.dll!CreatePatternBrush --> Thunk @ 0066A760 = gdi32.dll!CreatePalette --> Thunk @ 0066A764 = gdi32.dll!CreateHalftonePalette --> Thunk @ 0066A768 = gdi32.dll!CreateFontIndirectA --> Thunk @ 0066A76C = gdi32.dll!CreateEllipticRgn --> Thunk @ 0066A770 = gdi32.dll!CreateDIBitmap --> Thunk @ 0066A774 = gdi32.dll!CreateDIBSection --> Thunk @ 0066A778 = gdi32.dll!CreateCompatibleDC --> Thunk @ 0066A77C = gdi32.dll!CreateCompatibleBitmap --> Thunk @ 0066A780 = gdi32.dll!CreateBrushIndirect --> Thunk @ 0066A784 = gdi32.dll!CreateBitmap --> Thunk @ 0066A788 = gdi32.dll!CopyEnhMetaFileA --> Thunk @ 0066A78C = gdi32.dll!CombineRgn --> Thunk @ 0066A790 = gdi32.dll!BitBlt --> Thunk @ 0066A798 = user32.dll!WindowFromPoint --> Thunk @ 0066A79C = user32.dll!WinHelpA --> Thunk @ 0066A7A0 = user32.dll!WaitMessage --> Thunk @ 0066A7A4 = user32.dll!VkKeyScanA --> Thunk @ 0066A7A8 = user32.dll!ValidateRect --> Thunk @ 0066A7AC = user32.dll!UpdateWindow --> Thunk @ 0066A7B0 = user32.dll!UnregisterClassA --> Thunk @ 0066A7B4 = user32.dll!UnionRect --> Thunk @ 0066A7B8 = user32.dll!UnhookWindowsHookEx --> Thunk @ 0066A7BC = user32.dll!TranslateMessage --> Thunk @ 0066A7C0 = user32.dll!TranslateMDISysAccel --> Thunk @ 0066A7C4 = user32.dll!TrackPopupMenu --> Thunk @ 0066A7C8 = user32.dll!SystemParametersInfoA --> Thunk @ 0066A7CC = user32.dll!ShowWindow --> Thunk @ 0066A7D0 = user32.dll!ShowScrollBar --> Thunk @ 0066A7D4 = user32.dll!ShowOwnedPopups --> Thunk @ 0066A7D8 = user32.dll!ShowCursor --> Thunk @ 0066A7DC = user32.dll!ShowCaret --> Thunk @ 0066A7E0 = user32.dll!SetWindowRgn --> Thunk @ 0066A7E4 = user32.dll!SetWindowsHookExA --> Thunk @ 0066A7E8 = user32.dll!SetWindowTextA --> Thunk @ 0066A7EC = user32.dll!SetWindowPos --> Thunk @ 0066A7F0 = user32.dll!SetWindowPlacement --> Thunk @ 0066A7F4 = user32.dll!SetWindowLongA --> Thunk @ 0066A7F8 = user32.dll!SetTimer --> Thunk @ 0066A7FC = user32.dll!SetScrollRange --> Thunk @ 0066A800 = user32.dll!SetScrollPos --> Thunk @ 0066A804 = user32.dll!SetScrollInfo --> Thunk @ 0066A808 = user32.dll!SetRectEmpty --> Thunk @ 0066A80C = user32.dll!SetRect --> Thunk @ 0066A810 = user32.dll!SetPropA --> Thunk @ 0066A814 = user32.dll!SetParent --> Thunk @ 0066A818 = user32.dll!SetMenuItemInfoA --> Thunk @ 0066A81C = user32.dll!SetMenu --> Thunk @ 0066A820 = user32.dll!SetKeyboardState --> Thunk @ 0066A824 = user32.dll!SetForegroundWindow --> Thunk @ 0066A828 = user32.dll!SetFocus --> Thunk @ 0066A82C = user32.dll!SetCursor --> Thunk @ 0066A830 = user32.dll!SetClipboardViewer --> Thunk @ 0066A834 = user32.dll!SetClipboardData --> Thunk @ 0066A838 = user32.dll!SetClassLongA --> Thunk @ 0066A83C = user32.dll!SetCapture --> Thunk @ 0066A840 = user32.dll!SetActiveWindow --> Thunk @ 0066A844 = user32.dll!SendMessageA --> Thunk @ 0066A848 = user32.dll!ScrollWindowEx --> Thunk @ 0066A84C = user32.dll!ScrollWindow --> Thunk @ 0066A850 = user32.dll!ScreenToClient --> Thunk @ 0066A854 = user32.dll!RemovePropA --> Thunk @ 0066A858 = user32.dll!RemoveMenu --> Thunk @ 0066A85C = user32.dll!ReleaseDC --> Thunk @ 0066A860 = user32.dll!ReleaseCapture --> Thunk @ 0066A864 = user32.dll!RegisterWindowMessageA --> Thunk @ 0066A868 = user32.dll!RegisterClipboardFormatA --> Thunk @ 0066A86C = user32.dll!RegisterClassA --> Thunk @ 0066A870 = user32.dll!RedrawWindow --> Thunk @ 0066A874 = user32.dll!PtInRect --> Thunk @ 0066A878 = user32.dll!PostQuitMessage --> Thunk @ 0066A87C = user32.dll!PostMessageA --> Thunk @ 0066A880 = user32.dll!PeekMessageA --> Thunk @ 0066A884 = user32.dll!OpenClipboard --> Thunk @ 0066A888 = user32.dll!OffsetRect --> Thunk @ 0066A88C = user32.dll!OemToCharA --> Thunk @ 0066A890 = user32.dll!MsgWaitForMultipleObjects --> Thunk @ 0066A894 = user32.dll!MessageBoxA --> Thunk @ 0066A898 = user32.dll!MessageBeep --> Thunk @ 0066A89C = user32.dll!MapWindowPoints --> Thunk @ 0066A8A0 = user32.dll!MapVirtualKeyA --> Thunk @ 0066A8A4 = user32.dll!LoadStringA --> Thunk @ 0066A8A8 = user32.dll!LoadKeyboardLayoutA --> Thunk @ 0066A8AC = user32.dll!LoadIconA --> Thunk @ 0066A8B0 = user32.dll!LoadCursorA --> Thunk @ 0066A8B4 = user32.dll!LoadBitmapA --> Thunk @ 0066A8B8 = user32.dll!KillTimer --> Thunk @ 0066A8BC = user32.dll!IsZoomed --> Thunk @ 0066A8C0 = user32.dll!IsWindowVisible --> Thunk @ 0066A8C4 = user32.dll!IsWindowEnabled --> Thunk @ 0066A8C8 = user32.dll!IsWindow --> Thunk @ 0066A8CC = user32.dll!IsRectEmpty --> Thunk @ 0066A8D0 = user32.dll!IsIconic --> Thunk @ 0066A8D4 = user32.dll!IsDialogMessageA --> Thunk @ 0066A8D8 = user32.dll!IsClipboardFormatAvailable --> Thunk @ 0066A8DC = user32.dll!IsChild --> Thunk @ 0066A8E0 = user32.dll!IsCharAlphaNumericA --> Thunk @ 0066A8E4 = user32.dll!IsCharAlphaA --> Thunk @ 0066A8E8 = user32.dll!InvertRect --> Thunk @ 0066A8EC = user32.dll!InvalidateRect --> Thunk @ 0066A8F0 = user32.dll!IntersectRect --> Thunk @ 0066A8F4 = user32.dll!InsertMenuItemA --> Thunk @ 0066A8F8 = user32.dll!InsertMenuA --> Thunk @ 0066A8FC = user32.dll!InflateRect --> Thunk @ 0066A900 = user32.dll!HideCaret --> Thunk @ 0066A904 = user32.dll!GetWindowThreadProcessId --> Thunk @ 0066A908 = user32.dll!GetWindowTextA --> Thunk @ 0066A90C = user32.dll!GetWindowRect --> Thunk @ 0066A910 = user32.dll!GetWindowPlacement --> Thunk @ 0066A914 = user32.dll!GetWindowLongA --> Thunk @ 0066A918 = user32.dll!GetWindowDC --> Thunk @ 0066A91C = user32.dll!GetTopWindow --> Thunk @ 0066A920 = user32.dll!GetSystemMetrics --> Thunk @ 0066A924 = user32.dll!GetSystemMenu --> Thunk @ 0066A928 = user32.dll!GetSysColorBrush --> Thunk @ 0066A92C = user32.dll!GetSysColor --> Thunk @ 0066A930 = user32.dll!GetSubMenu --> Thunk @ 0066A934 = user32.dll!GetScrollRange --> Thunk @ 0066A938 = user32.dll!GetScrollPos --> Thunk @ 0066A93C = user32.dll!GetScrollInfo --> Thunk @ 0066A940 = user32.dll!GetPropA --> Thunk @ 0066A944 = user32.dll!GetParent --> Thunk @ 0066A948 = user32.dll!GetWindow --> Thunk @ 0066A94C = user32.dll!GetMessageTime --> Thunk @ 0066A950 = user32.dll!GetMessagePos --> Thunk @ 0066A954 = user32.dll!GetMessageA --> Thunk @ 0066A958 = user32.dll!GetMenuStringA --> Thunk @ 0066A95C = user32.dll!GetMenuState --> Thunk @ 0066A960 = user32.dll!GetMenuItemInfoA --> Thunk @ 0066A964 = user32.dll!GetMenuItemID --> Thunk @ 0066A968 = user32.dll!GetMenuItemCount --> Thunk @ 0066A96C = user32.dll!GetMenuDefaultItem --> Thunk @ 0066A970 = user32.dll!GetMenu --> Thunk @ 0066A974 = user32.dll!GetLastActivePopup --> Thunk @ 0066A978 = user32.dll!GetKeyboardState --> Thunk @ 0066A97C = user32.dll!GetKeyboardLayoutList --> Thunk @ 0066A980 = user32.dll!GetKeyboardLayout --> Thunk @ 0066A984 = user32.dll!GetKeyState --> Thunk @ 0066A988 = user32.dll!GetKeyNameTextA --> Thunk @ 0066A98C = user32.dll!GetIconInfo --> Thunk @ 0066A990 = user32.dll!GetForegroundWindow --> Thunk @ 0066A994 = user32.dll!GetFocus --> Thunk @ 0066A998 = user32.dll!GetDoubleClickTime --> Thunk @ 0066A99C = user32.dll!GetDlgItem --> Thunk @ 0066A9A0 = user32.dll!GetDesktopWindow --> Thunk @ 0066A9A4 = user32.dll!GetDCEx --> Thunk @ 0066A9A8 = user32.dll!GetDC --> Thunk @ 0066A9AC = user32.dll!GetCursorPos --> Thunk @ 0066A9B0 = user32.dll!GetCursor --> Thunk @ 0066A9B4 = user32.dll!GetClipboardData --> Thunk @ 0066A9B8 = user32.dll!GetClientRect --> Thunk @ 0066A9BC = user32.dll!GetClassNameA --> Thunk @ 0066A9C0 = user32.dll!GetClassLongA --> Thunk @ 0066A9C4 = user32.dll!GetClassInfoA --> Thunk @ 0066A9C8 = user32.dll!GetCaretPos --> Thunk @ 0066A9CC = user32.dll!GetCapture --> Thunk @ 0066A9D0 = user32.dll!GetAsyncKeyState --> Thunk @ 0066A9D4 = user32.dll!GetActiveWindow --> Thunk @ 0066A9D8 = user32.dll!FrameRect --> Thunk @ 0066A9DC = user32.dll!FindWindowA --> Thunk @ 0066A9E0 = user32.dll!FillRect --> Thunk @ 0066A9E4 = user32.dll!EqualRect --> Thunk @ 0066A9E8 = user32.dll!EnumWindows --> Thunk @ 0066A9EC = user32.dll!EnumThreadWindows --> Thunk @ 0066A9F0 = user32.dll!EnumClipboardFormats --> Thunk @ 0066A9F4 = user32.dll!EndPaint --> Thunk @ 0066A9F8 = user32.dll!EnableWindow --> Thunk @ 0066A9FC = user32.dll!EnableScrollBar --> Thunk @ 0066AA00 = user32.dll!EnableMenuItem --> Thunk @ 0066AA04 = user32.dll!EmptyClipboard --> Thunk @ 0066AA08 = user32.dll!DrawTextA --> Thunk @ 0066AA0C = user32.dll!DrawMenuBar --> Thunk @ 0066AA10 = user32.dll!DrawIconEx --> Thunk @ 0066AA14 = user32.dll!DrawIcon --> Thunk @ 0066AA18 = user32.dll!DrawFrameControl --> Thunk @ 0066AA1C = user32.dll!DrawFocusRect --> Thunk @ 0066AA20 = user32.dll!DrawEdge --> Thunk @ 0066AA24 = user32.dll!DragDetect --> Thunk @ 0066AA28 = user32.dll!DispatchMessageA --> Thunk @ 0066AA2C = user32.dll!DestroyWindow --> Thunk @ 0066AA30 = user32.dll!DestroyMenu --> Thunk @ 0066AA34 = user32.dll!DestroyIcon --> Thunk @ 0066AA38 = user32.dll!DestroyCursor --> Thunk @ 0066AA3C = user32.dll!DeleteMenu --> Thunk @ 0066AA40 = user32.dll!DefWindowProcA --> Thunk @ 0066AA44 = user32.dll!DefMDIChildProcA --> Thunk @ 0066AA48 = user32.dll!DefFrameProcA --> Thunk @ 0066AA4C = user32.dll!CreateWindowExA --> Thunk @ 0066AA50 = user32.dll!CreatePopupMenu --> Thunk @ 0066AA54 = user32.dll!CreateMenu --> Thunk @ 0066AA58 = user32.dll!CreateIcon --> Thunk @ 0066AA5C = user32.dll!CopyImage --> Thunk @ 0066AA60 = user32.dll!CloseClipboard --> Thunk @ 0066AA64 = user32.dll!ClientToScreen --> Thunk @ 0066AA68 = user32.dll!ChildWindowFromPointEx --> Thunk @ 0066AA6C = user32.dll!ChildWindowFromPoint --> Thunk @ 0066AA70 = user32.dll!CheckMenuItem --> Thunk @ 0066AA74 = user32.dll!ChangeClipboardChain --> Thunk @ 0066AA78 = user32.dll!CallWindowProcA --> Thunk @ 0066AA7C = user32.dll!CallNextHookEx --> Thunk @ 0066AA80 = user32.dll!BeginPaint --> Thunk @ 0066AA84 = user32.dll!CharNextA --> Thunk @ 0066AA88 = user32.dll!CharLowerBuffA --> Thunk @ 0066AA8C = user32.dll!CharLowerA --> Thunk @ 0066AA90 = user32.dll!CharUpperBuffA --> Thunk @ 0066AA94 = user32.dll!AdjustWindowRectEx --> Thunk @ 0066AA98 = user32.dll!ActivateKeyboardLayout --> Thunk @ 0066AAA0 = ole32.dll!CoTaskMemFree --> Thunk @ 0066AAA4 = ole32.dll!CoCreateGuid --> Thunk @ 0066AAA8 = ole32.dll!CLSIDFromString --> Thunk @ 0066AAAC = ole32.dll!StringFromCLSID --> Thunk @ 0066AAB0 = ole32.dll!CoUninitialize --> Thunk @ 0066AAB4 = ole32.dll!CoInitialize --> Thunk @ 0066AAB8 = ole32.dll!IsEqualGUID --> Thunk @ 0066AAC0 = oleaut32.dll!GetErrorInfo --> Thunk @ 0066AAC4 = oleaut32.dll!SysFreeString --> Thunk @ 0066AACC = comctl32.dll!InitializeFlatSB --> Thunk @ 0066AAD0 = comctl32.dll!FlatSB_ShowScrollBar --> Thunk @ 0066AAD4 = comctl32.dll!FlatSB_SetScrollProp --> Thunk @ 0066AAD8 = comctl32.dll!FlatSB_SetScrollInfo --> Thunk @ 0066AADC = comctl32.dll!ImageList_SetIconSize --> Thunk @ 0066AAE0 = comctl32.dll!ImageList_GetIconSize --> Thunk @ 0066AAE4 = comctl32.dll!ImageList_Write --> Thunk @ 0066AAE8 = comctl32.dll!ImageList_Read --> Thunk @ 0066AAEC = comctl32.dll!ImageList_GetDragImage --> Thunk @ 0066AAF0 = comctl32.dll!ImageList_DragShowNolock --> Thunk @ 0066AAF4 = comctl32.dll!ImageList_SetDragCursorImage --> Thunk @ 0066AAF8 = comctl32.dll!ImageList_DragMove --> Thunk @ 0066AAFC = comctl32.dll!ImageList_DragLeave --> Thunk @ 0066AB00 = comctl32.dll!ImageList_DragEnter --> Thunk @ 0066AB04 = comctl32.dll!ImageList_EndDrag --> Thunk @ 0066AB08 = comctl32.dll!ImageList_BeginDrag --> Thunk @ 0066AB0C = comctl32.dll!ImageList_GetIcon --> Thunk @ 0066AB10 = comctl32.dll!ImageList_Remove --> Thunk @ 0066AB14 = comctl32.dll!ImageList_DrawEx --> Thunk @ 0066AB18 = comctl32.dll!ImageList_Replace --> Thunk @ 0066AB1C = comctl32.dll!ImageList_Draw --> Thunk @ 0066AB20 = comctl32.dll!ImageList_GetBkColor --> Thunk @ 0066AB24 = comctl32.dll!ImageList_SetBkColor --> Thunk @ 0066AB28 = comctl32.dll!ImageList_ReplaceIcon --> Thunk @ 0066AB2C = comctl32.dll!ImageList_Add --> Thunk @ 0066AB30 = comctl32.dll!ImageList_GetImageCount --> Thunk @ 0066AB34 = comctl32.dll!ImageList_Destroy --> Thunk @ 0066AB38 = comctl32.dll!ImageList_Create --> Thunk @ 0066AB3C = comctl32.dll!InitCommonControls --> Thunk @ 0066AB44 = shell32.dll!Shell_NotifyIconA --> Thunk @ 0066AB48 = shell32.dll!ShellExecuteA --> Thunk @ 0066AB50 = wininet.dll!InternetGetConnectedState --> Thunk @ 0066AB54 = wininet.dll!InternetAutodial --> Thunk @ 0066AB5C = IMAGEHLP.DLL!UnMapAndLoad --> Thunk @ 0066AB60 = IMAGEHLP.DLL!ImageRvaToSection --> Thunk @ 0066AB64 = IMAGEHLP.DLL!ImageDirectoryEntryToData --> Thunk @ 0066AB6C = imagehlp.dll!ImageRvaToVa --> Thunk @ 0066AB74 = comdlg32.dll!GetSaveFileNameA --> Thunk @ 0066AB78 = comdlg32.dll!GetOpenFileNameA --> Thunk @ 0066AB80 = winmm.dll!timeGetTime --> Thunk @ 0066AB84 = winmm.dll!PlaySoundA --> Thunk @ 0066AB8C = kernel32.dll!InterlockedDecrement --> Thunk @ 0066AB90 = kernel32.dll!InterlockedIncrement --> Thunk @ 0066AB94 = kernel32.dll!InterlockedExchangeAdd --> Thunk @ 0066AB98 = kernel32.dll!InterlockedExchange --> Thunk @ 0066ABA0 = ws2_32.dll!WSASocketA --> Thunk @ 0066ABA4 = ws2_32.dll!WSASend --> Thunk @ 0066ABA8 = ws2_32.dll!WSARecv --> Thunk @ 0066ABAC = ws2_32.dll!WSAGetOverlappedResult --> Thunk @ 0066ABB0 = ws2_32.dll!WSAEventSelect --> Thunk @ 0066ABB4 = ws2_32.dll!WSAGetLastError --> Thunk @ 0066ABB8 = ws2_32.dll!WSACleanup --> Thunk @ 0066ABBC = ws2_32.dll!WSAStartup --> Thunk @ 0066ABC0 = ws2_32.dll!gethostbyname --> Thunk @ 0066ABC4 = ws2_32.dll!shutdown --> Thunk @ 0066ABC8 = ws2_32.dll!ntohs --> Thunk @ 0066ABCC = ws2_32.dll!listen --> Thunk @ 0066ABD0 = ws2_32.dll!inet_addr --> Thunk @ 0066ABD4 = ws2_32.dll!htons --> Thunk @ 0066ABD8 = ws2_32.dll!closesocket --> Thunk @ 0066ABDC = ws2_32.dll!bind --> Thunk @ 0066ABE0 = ws2_32.dll!accept --> Thunk @ 0066ABE8 = kernel32.dll!InterlockedExchangeAdd --> Thunk @ 0066ABEC = kernel32.dll!InterlockedExchange --> Thunk @ 0066ABF0 = kernel32.dll!InterlockedIncrement --> Thunk @ 0066ABF8 = kernel32.dll!SetFilePointer --> Thunk @ 0066AC00 = ODBCCP32.DLL!SQLValidDSN --> Thunk @ 0066AC08 = ODBC32.DLL!SQLSpecialColumns --> Thunk @ 0066AC0C = ODBC32.DLL!SQLSetStmtAttr --> Thunk @ 0066AC10 = ODBC32.DLL!SQLSetPos --> Thunk @ 0066AC14 = ODBC32.DLL!SQLSetEnvAttr --> Thunk @ 0066AC18 = ODBC32.DLL!SQLSetDescField --> Thunk @ 0066AC1C = ODBC32.DLL!SQLSetConnectAttr --> Thunk @ 0066AC20 = ODBC32.DLL!SQLRowCount --> Thunk @ 0066AC24 = ODBC32.DLL!SQLPutData --> Thunk @ 0066AC28 = ODBC32.DLL!SQLProcedures --> Thunk @ 0066AC2C = ODBC32.DLL!SQLProcedureColumns --> Thunk @ 0066AC30 = ODBC32.DLL!SQLPrimaryKeys --> Thunk @ 0066AC34 = ODBC32.DLL!SQLPrepare --> Thunk @ 0066AC38 = ODBC32.DLL!SQLParamData --> Thunk @ 0066AC3C = ODBC32.DLL!SQLNumResultCols --> Thunk @ 0066AC40 = ODBC32.DLL!SQLGetStmtAttr --> Thunk @ 0066AC44 = ODBC32.DLL!SQLGetInfo --> Thunk @ 0066AC48 = ODBC32.DLL!SQLGetFunctions --> Thunk @ 0066AC4C = ODBC32.DLL!SQLGetEnvAttr --> Thunk @ 0066AC50 = ODBC32.DLL!SQLGetDiagRec --> Thunk @ 0066AC54 = ODBC32.DLL!SQLGetDiagField --> Thunk @ 0066AC58 = ODBC32.DLL!SQLGetData --> Thunk @ 0066AC5C = ODBC32.DLL!SQLGetCursorName --> Thunk @ 0066AC60 = ODBC32.DLL!SQLGetConnectAttr --> Thunk @ 0066AC64 = ODBC32.DLL!SQLFreeStmt --> Thunk @ 0066AC68 = ODBC32.DLL!SQLFreeHandle --> Thunk @ 0066AC6C = ODBC32.DLL!SQLFetchScroll --> Thunk @ 0066AC70 = ODBC32.DLL!SQLFetch --> Thunk @ 0066AC74 = ODBC32.DLL!SQLExecute --> Thunk @ 0066AC78 = ODBC32.DLL!SQLExecDirect --> Thunk @ 0066AC7C = ODBC32.DLL!SQLDriverConnect --> Thunk @ 0066AC80 = ODBC32.DLL!SQLDisconnect --> Thunk @ 0066AC84 = ODBC32.DLL!SQLDescribeParam --> Thunk @ 0066AC88 = ODBC32.DLL!SQLDescribeCol --> Thunk @ 0066AC8C = ODBC32.DLL!SQLConnect --> Thunk @ 0066AC90 = ODBC32.DLL!SQLColAttribute --> Thunk @ 0066AC94 = ODBC32.DLL!SQLBulkOperations --> Thunk @ 0066AC98 = ODBC32.DLL!SQLBindParameter --> Thunk @ 0066AC9C = ODBC32.DLL!SQLBindCol --> Thunk @ 0066ACA0 = ODBC32.DLL!SQLAllocHandle --> Thunk @ 0066ACA8 = kernel32.dll!MulDiv --> Thunk @ 0066ACB0 = HHCtrl.ocx!HtmlHelpA --> Thunk @ 0066ACB8 = asidbe.dll!Ordinal0000009E --> Thunk @ 0066ACBC = asidbe.dll!Ordinal0000008F --> Thunk @ 0066ACC0 = asidbe.dll!Ordinal0000007C --> Thunk @ 0066ACC4 = asidbe.dll!Ordinal00000075 --> Thunk @ 0066ACC8 = asidbe.dll!Ordinal0000005D --> Thunk @ 0066ACCC = asidbe.dll!Ordinal0000004E --> Thunk @ 0066ACD0 = asidbe.dll!Ordinal00000040 --> Thunk @ 0066ACD4 = asidbe.dll!Ordinal0000002B --> Thunk @ 0066ACD8 = asidbe.dll!Ordinal0000000F --> Thunk @ 0066ACDC = asidbe.dll!Ordinal0000000E --> Thunk @ 0066ACE4 = mosecur.dll!GetInfo --> Thunk @ 0066ACE8 = mosecur.dll!RegisterTrialApplicationDlg --> Thunk @ 0066ACF0 = ole32.dll!CoUninitialize --> Thunk @ 0066ACF4 = ole32.dll!CoInitialize --> Thunk @ 0066ACFC = shell32.dll!SHGetMalloc Call OEP hooked... --> 010BCA39 --> 010BCA56 New Thread created. ID: 00001384 OEP resolved to: 0065E794 Scanning for potential Nanomites... --> Analyzing Int3 @ 004010C8 --> No Nanomites Used... Aborting Nanomite Scan... Resolving Nanomites... Dumping PE Sections... Done. I did all of this in 15 seconds! 2006-10-26 23:02 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

bestchao

雪币： 7

能力值： (RANK：50 )

在线值：

发帖

32

回帖

305

粉丝

0

关注

私信

bestchao 1: 2 楼

你的[Overlay]
补上了吗？

2006-10-16 21:19

0

skype

雪币： 200

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

5

回帖

17

粉丝

0

关注

私信

skype: 3 楼

最初由 bestchao 发布
你的[Overlay]
补上了吗？

这个论坛好bt啊，一天只让我发5贴。我昨晚就想发这个的，结果发现被锁了，只好今天一下班就回来发。

overlay我昨天问过的，不过觉得听得一知半解的。当时不是说是附加数据吗？我不懂，当时还问什么是附加数据。那位朋友给的例子倒是蛮生动的，只是到了.exe文件里是什么概念，我不太懂。

朋友你能不能给点指示啊？我现在只会大致地用一下W32ASM和OD。本人觉得自己电脑水平不算差，不过只是以前从没有接触过这些软件罢了。

而且我读大学时，没发现这个好地方，不然我早成破解高手了。说不定我的工作和人生也改变了。。。

话扯远了，朋友，指点一下吧。

2006-10-16 21:45

0

skype

雪币： 200

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

5

回帖

17

粉丝

0

关注

私信

skype: 4 楼

我应该如何修改这个已经被脱的程序，才能把那个广告程序删掉呀？

不需要做破解注册之类的，只需要把上来就弹广告的程序弄掉就可以了。

我以前只用过ResHacker修改一些资源而改，没遇上过这么的例子。请大家教教我吧？先谢谢了

2006-10-17 21:51

0

bestchao

雪币： 7

能力值： (RANK：50 )

在线值：

发帖

32

回帖

305

粉丝

0

关注

私信

bestchao 1: 5 楼

最初由 skype 发布
我应该如何修改这个已经被脱的程序，才能把那个广告程序删掉呀？

不需要做破解注册之类的，只需要把上来就弹广告的程序弄掉就可以了。

我以前只用过ResHacker修改一些资源而改，没遇上过这么的例子。请大家教教我吧？先谢谢了

这些问题可以参考

“看雪精华合集”的文章

下载地址就去baidu.com搜索

看雪破解大礼包就可以找到拉

2006-10-17 23:24

0

hongbin

雪币： 205

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

12

回帖

32

粉丝

0

关注

私信

hongbin: 6 楼

简直就是一个郁闷.现在这个壳到好一载入直接提示有调试运行自动关闭

2006-10-20 10:54

0

skype

雪币： 200

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

5

回帖

17

粉丝

0

关注

私信

skype: 7 楼

用一个叫mm_dillodie1.6的程序居然自动把它脱掉了。（不好意思，急于帮人解决问题，先自动能脱就脱吧。）

脱掉以后，发现这东西还是双进程，一启动就上来一个广告，我想把它弄掉，关掉窗口时，会显示：
If you close the sponsor window, you will close all Free Tools.Are you sure?
于是，一按，整个程序全被关掉了。

我用W32ASM打开它，并没有找到sponsor之类的字串，用OD打开，也没有找到。按理说，用PEiD查出来没有加密，就应该能找到这个sponsor的字串的呀，为什么查不到呢？百丝不得其解。。。难道在相关的dll中？用FileMon查了一下，启动时也没载入什么文件啊。
用dir得到的目录列表：
hypersrv.exe
Exchanges.dat
ExchangesDefs.txt
cache.map
bridge.dll
ActualDatafeed.chm
HyperServerLite.chm
Exchanges.map
cache.dat
dilloDIE.log
hypersrv.exe.dDIE.exe（自动脱壳脱掉的文件）

现在问题是，我应该如何修改这个已经被脱的程序，才能把那个广告程序删掉呀？不需要做破解注册之类的，只需要把上来就弹广告的程序弄掉就可以了。请大家教教我吧？先谢谢了

附上dilloDIE.log的日志文件

++++++++++++++

CreateProcess...
--> Filename: hypersrv.exe
--> Process ID: 00001738
Debugblocker detected...
Entering Child Process...
--> Process ID: 0000174C
IAT Initialization hooked...
--> 010B99EE
Rebuilding Import Table...
--> Thunk @ 0066A2A8 = kernel32.dll!GetCurrentThreadId
--> Thunk @ 0066A2AC = kernel32.dll!DeleteCriticalSection
--> Thunk @ 0066A2B0 = kernel32.dll!LeaveCriticalSection
--> Thunk @ 0066A2B4 = kernel32.dll!EnterCriticalSection
--> Thunk @ 0066A2B8 = kernel32.dll!InitializeCriticalSection
--> Thunk @ 0066A2BC = kernel32.dll!VirtualFree
--> Thunk @ 0066A2C0 = kernel32.dll!VirtualAlloc
--> Thunk @ 0066A2C4 = kernel32.dll!LocalFree
--> Thunk @ 0066A2C8 = kernel32.dll!LocalAlloc
--> Thunk @ 0066A2CC = kernel32.dll!InterlockedDecrement
--> Thunk @ 0066A2D0 = kernel32.dll!InterlockedIncrement
--> Thunk @ 0066A2D4 = kernel32.dll!VirtualQuery
--> Thunk @ 0066A2D8 = kernel32.dll!WideCharToMultiByte
--> Thunk @ 0066A2DC = kernel32.dll!MultiByteToWideChar
--> Thunk @ 0066A2E0 = kernel32.dll!lstrlenA
--> Thunk @ 0066A2E4 = kernel32.dll!lstrcpynA
--> Thunk @ 0066A2E8 = kernel32.dll!lstrcpyA
--> Thunk @ 0066A2EC = kernel32.dll!LoadLibraryExA
--> Thunk @ 0066A2F0 = kernel32.dll!GetThreadLocale
--> Thunk @ 0066A2F4 = kernel32.dll!GetStartupInfoA
--> Thunk @ 0066A2F8 = kernel32.dll!GetProcAddress
--> Thunk @ 0066A2FC = kernel32.dll!GetModuleHandleA
--> Thunk @ 0066A300 = kernel32.dll!GetModuleFileNameA
--> Thunk @ 0066A304 = kernel32.dll!GetLocaleInfoA
--> Thunk @ 0066A308 = kernel32.dll!GetLastError
--> Thunk @ 0066A30C = kernel32.dll!GetCommandLineA
--> Thunk @ 0066A310 = kernel32.dll!FreeLibrary
--> Thunk @ 0066A314 = kernel32.dll!FindFirstFileA
--> Thunk @ 0066A318 = kernel32.dll!FindClose
--> Thunk @ 0066A31C = kernel32.dll!ExitProcess
--> Thunk @ 0066A320 = kernel32.dll!ExitThread
--> Thunk @ 0066A324 = kernel32.dll!CreateThread
--> Thunk @ 0066A328 = kernel32.dll!WriteFile
--> Thunk @ 0066A32C = kernel32.dll!UnhandledExceptionFilter
--> Thunk @ 0066A330 = kernel32.dll!SetFilePointer
--> Thunk @ 0066A334 = kernel32.dll!SetEndOfFile
--> Thunk @ 0066A338 = kernel32.dll!RtlUnwind
--> Thunk @ 0066A33C = kernel32.dll!ReadFile
--> Thunk @ 0066A340 = kernel32.dll!RaiseException
--> Thunk @ 0066A344 = kernel32.dll!GetStdHandle
--> Thunk @ 0066A348 = kernel32.dll!GetFileSize
--> Thunk @ 0066A34C = kernel32.dll!GetSystemTime
--> Thunk @ 0066A350 = kernel32.dll!GetFileType
--> Thunk @ 0066A354 = kernel32.dll!CreateFileA
--> Thunk @ 0066A358 = kernel32.dll!CloseHandle
--> Thunk @ 0066A360 = user32.dll!GetKeyboardType
--> Thunk @ 0066A364 = user32.dll!LoadStringA
--> Thunk @ 0066A368 = user32.dll!MessageBoxA
--> Thunk @ 0066A36C = user32.dll!CharNextA
--> Thunk @ 0066A374 = advapi32.dll!RegQueryValueExA
--> Thunk @ 0066A378 = advapi32.dll!RegOpenKeyExA
--> Thunk @ 0066A37C = advapi32.dll!RegCloseKey
--> Thunk @ 0066A384 = oleaut32.dll!SafeArrayPutElement
--> Thunk @ 0066A388 = oleaut32.dll!SafeArrayPtrOfIndex
--> Thunk @ 0066A38C = oleaut32.dll!SafeArrayGetElement
--> Thunk @ 0066A390 = oleaut32.dll!SafeArrayUnaccessData
--> Thunk @ 0066A394 = oleaut32.dll!SafeArrayAccessData
--> Thunk @ 0066A398 = oleaut32.dll!SafeArrayGetUBound
--> Thunk @ 0066A39C = oleaut32.dll!SafeArrayCreate
--> Thunk @ 0066A3A0 = oleaut32.dll!VariantChangeTypeEx
--> Thunk @ 0066A3A4 = oleaut32.dll!VariantCopyInd
--> Thunk @ 0066A3A8 = oleaut32.dll!VariantClear
--> Thunk @ 0066A3AC = oleaut32.dll!SysStringLen
--> Thunk @ 0066A3B0 = oleaut32.dll!SysFreeString
--> Thunk @ 0066A3B4 = oleaut32.dll!SysReAllocStringLen
--> Thunk @ 0066A3B8 = oleaut32.dll!SysAllocStringLen
--> Thunk @ 0066A3C0 = kernel32.dll!TlsSetValue
--> Thunk @ 0066A3C4 = kernel32.dll!TlsGetValue
--> Thunk @ 0066A3C8 = kernel32.dll!LocalAlloc
--> Thunk @ 0066A3CC = kernel32.dll!GetModuleHandleA
--> Thunk @ 0066A3D0 = kernel32.dll!GetModuleFileNameA
--> Thunk @ 0066A3D8 = borlndmm.dll!@Borlndmm@SysGetMem$qqri
--> Thunk @ 0066A3E0 = kernel32.dll!GetProcAddress
--> Thunk @ 0066A3E4 = kernel32.dll!GetModuleHandleA
--> Thunk @ 0066A3EC = advapi32.dll!RegSetValueExA
--> Thunk @ 0066A3F0 = advapi32.dll!RegQueryValueExA
--> Thunk @ 0066A3F4 = advapi32.dll!RegQueryInfoKeyA
--> Thunk @ 0066A3F8 = advapi32.dll!RegOpenKeyExA
--> Thunk @ 0066A3FC = advapi32.dll!RegFlushKey
--> Thunk @ 0066A400 = advapi32.dll!RegEnumValueA
--> Thunk @ 0066A404 = advapi32.dll!RegEnumKeyExA
--> Thunk @ 0066A408 = advapi32.dll!RegDeleteValueA
--> Thunk @ 0066A40C = advapi32.dll!RegDeleteKeyA
--> Thunk @ 0066A410 = advapi32.dll!RegCreateKeyExA
--> Thunk @ 0066A414 = advapi32.dll!RegCloseKey
--> Thunk @ 0066A41C = kernel32.dll!lstrcpyA
--> Thunk @ 0066A420 = kernel32.dll!lstrcmpA
--> Thunk @ 0066A424 = kernel32.dll!WritePrivateProfileStringA
--> Thunk @ 0066A428 = kernel32.dll!WriteFile
--> Thunk @ 0066A42C = kernel32.dll!WideCharToMultiByte
--> Thunk @ 0066A430 = kernel32.dll!WaitForSingleObject
--> Thunk @ 0066A434 = kernel32.dll!WaitForMultipleObjects
--> Thunk @ 0066A438 = kernel32.dll!VirtualQueryEx
--> Thunk @ 0066A43C = kernel32.dll!VirtualQuery
--> Thunk @ 0066A440 = kernel32.dll!VirtualFree
--> Thunk @ 0066A444 = kernel32.dll!VirtualAlloc
--> Thunk @ 0066A448 = kernel32.dll!VerLanguageNameA
--> Thunk @ 0066A44C = kernel32.dll!UnmapViewOfFile
--> Thunk @ 0066A450 = kernel32.dll!TerminateThread
--> Thunk @ 0066A454 = kernel32.dll!SystemTimeToFileTime
--> Thunk @ 0066A458 = kernel32.dll!Sleep
--> Thunk @ 0066A45C = kernel32.dll!SizeofResource
--> Thunk @ 0066A460 = kernel32.dll!SetThreadPriority
--> Thunk @ 0066A464 = kernel32.dll!SetThreadLocale
--> Thunk @ 0066A468 = kernel32.dll!SetLastError
--> Thunk @ 0066A46C = kernel32.dll!SetFilePointer
--> Thunk @ 0066A470 = kernel32.dll!SetEvent
--> Thunk @ 0066A474 = kernel32.dll!SetErrorMode
--> Thunk @ 0066A478 = kernel32.dll!SetEndOfFile
--> Thunk @ 0066A47C = kernel32.dll!SetCurrentDirectoryA
--> Thunk @ 0066A480 = kernel32.dll!ResumeThread
--> Thunk @ 0066A484 = kernel32.dll!ResetEvent
--> Thunk @ 0066A488 = kernel32.dll!RemoveDirectoryA
--> Thunk @ 0066A48C = kernel32.dll!ReleaseSemaphore
--> Thunk @ 0066A490 = kernel32.dll!ReleaseMutex
--> Thunk @ 0066A494 = kernel32.dll!ReadFile
--> Thunk @ 0066A498 = kernel32.dll!QueryPerformanceFrequency
--> Thunk @ 0066A49C = kernel32.dll!OutputDebugStringA
--> Thunk @ 0066A4A0 = kernel32.dll!OpenProcess
--> Thunk @ 0066A4A4 = kernel32.dll!MultiByteToWideChar
--> Thunk @ 0066A4A8 = kernel32.dll!MulDiv
--> Thunk @ 0066A4AC = kernel32.dll!MoveFileA
--> Thunk @ 0066A4B0 = kernel32.dll!MapViewOfFile
--> Thunk @ 0066A4B4 = kernel32.dll!LockResource
--> Thunk @ 0066A4B8 = kernel32.dll!LoadResource
--> Thunk @ 0066A4BC = kernel32.dll!LoadLibraryA
--> Thunk @ 0066A4C0 = kernel32.dll!LeaveCriticalSection
--> Thunk @ 0066A4C4 = kernel32.dll!IsBadReadPtr
--> Thunk @ 0066A4C8 = kernel32.dll!IsBadCodePtr
--> Thunk @ 0066A4CC = kernel32.dll!InitializeCriticalSectionAndSpinCount
--> Thunk @ 0066A4D0 = kernel32.dll!InitializeCriticalSection
--> Thunk @ 0066A4D4 = kernel32.dll!GlobalUnlock
--> Thunk @ 0066A4D8 = kernel32.dll!GlobalSize
--> Thunk @ 0066A4DC = kernel32.dll!GlobalReAlloc
--> Thunk @ 0066A4E0 = kernel32.dll!GlobalHandle
--> Thunk @ 0066A4E4 = kernel32.dll!GlobalLock
--> Thunk @ 0066A4E8 = kernel32.dll!GlobalFree
--> Thunk @ 0066A4EC = kernel32.dll!GlobalDeleteAtom
--> Thunk @ 0066A4F0 = kernel32.dll!GlobalAlloc
--> Thunk @ 0066A4F4 = kernel32.dll!GlobalAddAtomA
--> Thunk @ 0066A4F8 = kernel32.dll!GetVolumeInformationA
--> Thunk @ 0066A4FC = kernel32.dll!GetVersionExA
--> Thunk @ 0066A500 = kernel32.dll!GetVersion
--> Thunk @ 0066A504 = kernel32.dll!GetTimeZoneInformation
--> Thunk @ 0066A508 = kernel32.dll!GetTimeFormatA
--> Thunk @ 0066A50C = kernel32.dll!GetTickCount
--> Thunk @ 0066A510 = kernel32.dll!GetThreadLocale
--> Thunk @ 0066A514 = kernel32.dll!GetTempPathA
--> Thunk @ 0066A518 = kernel32.dll!GetSystemTime
--> Thunk @ 0066A51C = kernel32.dll!GetSystemInfo
--> Thunk @ 0066A520 = kernel32.dll!GetStringTypeExA
--> Thunk @ 0066A524 = kernel32.dll!GetProcAddress
--> Thunk @ 0066A528 = kernel32.dll!GetPrivateProfileStringA
--> Thunk @ 0066A52C = kernel32.dll!GetOverlappedResult
--> Thunk @ 0066A530 = kernel32.dll!GetModuleHandleA
--> Thunk @ 0066A534 = kernel32.dll!GetModuleFileNameA
--> Thunk @ 0066A538 = kernel32.dll!GetLocaleInfoA
--> Thunk @ 0066A53C = kernel32.dll!GetLocalTime
--> Thunk @ 0066A540 = kernel32.dll!GetLastError
--> Thunk @ 0066A544 = kernel32.dll!GetFileSize
--> Thunk @ 0066A548 = kernel32.dll!GetFileAttributesExA
--> Thunk @ 0066A54C = kernel32.dll!GetFileAttributesA
--> Thunk @ 0066A550 = kernel32.dll!GetExitCodeThread
--> Thunk @ 0066A554 = kernel32.dll!GetDriveTypeA
--> Thunk @ 0066A558 = kernel32.dll!GetDiskFreeSpaceA
--> Thunk @ 0066A55C = kernel32.dll!GetDateFormatA
--> Thunk @ 0066A560 = kernel32.dll!GetCurrentThreadId
--> Thunk @ 0066A564 = kernel32.dll!GetCurrentProcessId
--> Thunk @ 0066A568 = kernel32.dll!GetCurrentProcess
--> Thunk @ 0066A56C = kernel32.dll!GetComputerNameA
--> Thunk @ 0066A570 = kernel32.dll!GetCPInfo
--> Thunk @ 0066A574 = kernel32.dll!FreeResource
--> Thunk @ 0066A578 = kernel32.dll!InterlockedIncrement
--> Thunk @ 0066A57C = kernel32.dll!InterlockedExchangeAdd
--> Thunk @ 0066A580 = kernel32.dll!InterlockedExchange
--> Thunk @ 0066A584 = kernel32.dll!InterlockedDecrement
--> Thunk @ 0066A588 = kernel32.dll!FreeLibrary
--> Thunk @ 0066A58C = kernel32.dll!FormatMessageA
--> Thunk @ 0066A590 = kernel32.dll!FlushFileBuffers
--> Thunk @ 0066A594 = kernel32.dll!FindResourceA
--> Thunk @ 0066A598 = kernel32.dll!FindNextFileA
--> Thunk @ 0066A59C = kernel32.dll!FindFirstFileA
--> Thunk @ 0066A5A0 = kernel32.dll!FindClose
--> Thunk @ 0066A5A4 = kernel32.dll!FileTimeToSystemTime
--> Thunk @ 0066A5A8 = kernel32.dll!FileTimeToLocalFileTime
--> Thunk @ 0066A5AC = kernel32.dll!FileTimeToDosDateTime
--> Thunk @ 0066A5B0 = kernel32.dll!EnumCalendarInfoA
--> Thunk @ 0066A5B4 = kernel32.dll!EnterCriticalSection
--> Thunk @ 0066A5B8 = kernel32.dll!DeleteFileA
--> Thunk @ 0066A5BC = kernel32.dll!DeleteCriticalSection
--> Thunk @ 0066A5C0 = kernel32.dll!CreateThread
--> Thunk @ 0066A5C4 = kernel32.dll!CreateSemaphoreA
--> Thunk @ 0066A5C8 = kernel32.dll!CreateMutexA
--> Thunk @ 0066A5CC = kernel32.dll!CreateFileMappingA
--> Thunk @ 0066A5D0 = kernel32.dll!CreateFileA
--> Thunk @ 0066A5D4 = kernel32.dll!CreateEventA
--> Thunk @ 0066A5D8 = kernel32.dll!CreateDirectoryA
--> Thunk @ 0066A5DC = kernel32.dll!CompareStringA
--> Thunk @ 0066A5E0 = kernel32.dll!CloseHandle
--> Thunk @ 0066A5E8 = version.dll!VerQueryValueA
--> Thunk @ 0066A5EC = version.dll!GetFileVersionInfoSizeA
--> Thunk @ 0066A5F0 = version.dll!GetFileVersionInfoA
--> Thunk @ 0066A5F8 = gdi32.dll!UpdateColors
--> Thunk @ 0066A5FC = gdi32.dll!UnrealizeObject
--> Thunk @ 0066A600 = gdi32.dll!StretchBlt
--> Thunk @ 0066A604 = gdi32.dll!SetWindowOrgEx
--> Thunk @ 0066A608 = gdi32.dll!SetWindowExtEx
--> Thunk @ 0066A60C = gdi32.dll!SetWinMetaFileBits
--> Thunk @ 0066A610 = gdi32.dll!SetViewportOrgEx
--> Thunk @ 0066A614 = gdi32.dll!SetViewportExtEx
--> Thunk @ 0066A618 = gdi32.dll!SetTextColor
--> Thunk @ 0066A61C = gdi32.dll!SetTextAlign
--> Thunk @ 0066A620 = gdi32.dll!SetStretchBltMode
--> Thunk @ 0066A624 = gdi32.dll!SetROP2
--> Thunk @ 0066A628 = gdi32.dll!SetPixel
--> Thunk @ 0066A62C = gdi32.dll!SetMapMode
--> Thunk @ 0066A630 = gdi32.dll!SetEnhMetaFileBits
--> Thunk @ 0066A634 = gdi32.dll!SetDIBits
--> Thunk @ 0066A638 = gdi32.dll!SetDIBColorTable
--> Thunk @ 0066A63C = gdi32.dll!SetBrushOrgEx
--> Thunk @ 0066A640 = gdi32.dll!SetBkMode
--> Thunk @ 0066A644 = gdi32.dll!SetBkColor
--> Thunk @ 0066A648 = gdi32.dll!SelectPalette
--> Thunk @ 0066A64C = gdi32.dll!SelectObject
--> Thunk @ 0066A650 = gdi32.dll!SelectClipRgn
--> Thunk @ 0066A654 = gdi32.dll!SaveDC
--> Thunk @ 0066A658 = gdi32.dll!RoundRect
--> Thunk @ 0066A65C = gdi32.dll!RestoreDC
--> Thunk @ 0066A660 = gdi32.dll!Rectangle
--> Thunk @ 0066A664 = gdi32.dll!RectVisible
--> Thunk @ 0066A668 = gdi32.dll!RealizePalette
--> Thunk @ 0066A66C = gdi32.dll!PtInRegion
--> Thunk @ 0066A670 = gdi32.dll!Polyline
--> Thunk @ 0066A674 = gdi32.dll!Polygon
--> Thunk @ 0066A678 = gdi32.dll!PolyPolyline
--> Thunk @ 0066A67C = gdi32.dll!PlayEnhMetaFile
--> Thunk @ 0066A680 = gdi32.dll!PatBlt
--> Thunk @ 0066A684 = gdi32.dll!PaintRgn
--> Thunk @ 0066A688 = gdi32.dll!MoveToEx
--> Thunk @ 0066A68C = gdi32.dll!MaskBlt
--> Thunk @ 0066A690 = gdi32.dll!LineTo
--> Thunk @ 0066A694 = gdi32.dll!LPtoDP
--> Thunk @ 0066A698 = gdi32.dll!IntersectClipRect
--> Thunk @ 0066A69C = gdi32.dll!GetWindowOrgEx
--> Thunk @ 0066A6A0 = gdi32.dll!GetWinMetaFileBits
--> Thunk @ 0066A6A4 = gdi32.dll!GetViewportOrgEx
--> Thunk @ 0066A6A8 = gdi32.dll!GetTextMetricsA
--> Thunk @ 0066A6AC = gdi32.dll!GetTextExtentPointA
--> Thunk @ 0066A6B0 = gdi32.dll!GetTextExtentPoint32A
--> Thunk @ 0066A6B4 = gdi32.dll!GetTextColor
--> Thunk @ 0066A6B8 = gdi32.dll!GetTextAlign
--> Thunk @ 0066A6BC = gdi32.dll!GetSystemPaletteEntries
--> Thunk @ 0066A6C0 = gdi32.dll!GetStockObject
--> Thunk @ 0066A6C4 = gdi32.dll!GetRgnBox
--> Thunk @ 0066A6C8 = gdi32.dll!GetROP2
--> Thunk @ 0066A6CC = gdi32.dll!GetPixel
--> Thunk @ 0066A6D0 = gdi32.dll!GetPaletteEntries
--> Thunk @ 0066A6D4 = gdi32.dll!GetObjectType
--> Thunk @ 0066A6D8 = gdi32.dll!GetObjectA
--> Thunk @ 0066A6DC = gdi32.dll!GetNearestColor
--> Thunk @ 0066A6E0 = gdi32.dll!GetEnhMetaFilePaletteEntries
--> Thunk @ 0066A6E4 = gdi32.dll!GetEnhMetaFileHeader
--> Thunk @ 0066A6E8 = gdi32.dll!GetEnhMetaFileBits
--> Thunk @ 0066A6EC = gdi32.dll!GetDeviceCaps
--> Thunk @ 0066A6F0 = gdi32.dll!GetDIBits
--> Thunk @ 0066A6F4 = gdi32.dll!GetDIBColorTable
--> Thunk @ 0066A6F8 = gdi32.dll!GetDCOrgEx
--> Thunk @ 0066A6FC = gdi32.dll!GetCurrentPositionEx
--> Thunk @ 0066A700 = gdi32.dll!GetCurrentObject
--> Thunk @ 0066A704 = gdi32.dll!GetClipRgn
--> Thunk @ 0066A708 = gdi32.dll!GetClipBox
--> Thunk @ 0066A70C = gdi32.dll!GetBrushOrgEx
--> Thunk @ 0066A710 = gdi32.dll!GetBkMode
--> Thunk @ 0066A714 = gdi32.dll!GetBkColor
--> Thunk @ 0066A718 = gdi32.dll!GetBitmapBits
--> Thunk @ 0066A71C = gdi32.dll!GdiFlush
--> Thunk @ 0066A720 = gdi32.dll!FrameRgn
--> Thunk @ 0066A724 = gdi32.dll!ExtTextOutA
--> Thunk @ 0066A728 = gdi32.dll!ExtSelectClipRgn
--> Thunk @ 0066A72C = gdi32.dll!ExtCreatePen
--> Thunk @ 0066A730 = gdi32.dll!ExcludeClipRect
--> Thunk @ 0066A734 = gdi32.dll!Ellipse
--> Thunk @ 0066A738 = gdi32.dll!DeleteObject
--> Thunk @ 0066A73C = gdi32.dll!DeleteEnhMetaFile
--> Thunk @ 0066A740 = gdi32.dll!DeleteDC
--> Thunk @ 0066A744 = gdi32.dll!CreateSolidBrush
--> Thunk @ 0066A748 = gdi32.dll!CreateRectRgnIndirect
--> Thunk @ 0066A74C = gdi32.dll!CreateRectRgn
--> Thunk @ 0066A750 = gdi32.dll!CreatePolygonRgn
--> Thunk @ 0066A754 = gdi32.dll!CreatePenIndirect
--> Thunk @ 0066A758 = gdi32.dll!CreatePen
--> Thunk @ 0066A75C = gdi32.dll!CreatePatternBrush
--> Thunk @ 0066A760 = gdi32.dll!CreatePalette
--> Thunk @ 0066A764 = gdi32.dll!CreateHalftonePalette
--> Thunk @ 0066A768 = gdi32.dll!CreateFontIndirectA
--> Thunk @ 0066A76C = gdi32.dll!CreateEllipticRgn
--> Thunk @ 0066A770 = gdi32.dll!CreateDIBitmap
--> Thunk @ 0066A774 = gdi32.dll!CreateDIBSection
--> Thunk @ 0066A778 = gdi32.dll!CreateCompatibleDC
--> Thunk @ 0066A77C = gdi32.dll!CreateCompatibleBitmap
--> Thunk @ 0066A780 = gdi32.dll!CreateBrushIndirect
--> Thunk @ 0066A784 = gdi32.dll!CreateBitmap
--> Thunk @ 0066A788 = gdi32.dll!CopyEnhMetaFileA
--> Thunk @ 0066A78C = gdi32.dll!CombineRgn
--> Thunk @ 0066A790 = gdi32.dll!BitBlt
--> Thunk @ 0066A798 = user32.dll!WindowFromPoint
--> Thunk @ 0066A79C = user32.dll!WinHelpA
--> Thunk @ 0066A7A0 = user32.dll!WaitMessage
--> Thunk @ 0066A7A4 = user32.dll!VkKeyScanA
--> Thunk @ 0066A7A8 = user32.dll!ValidateRect
--> Thunk @ 0066A7AC = user32.dll!UpdateWindow
--> Thunk @ 0066A7B0 = user32.dll!UnregisterClassA
--> Thunk @ 0066A7B4 = user32.dll!UnionRect
--> Thunk @ 0066A7B8 = user32.dll!UnhookWindowsHookEx
--> Thunk @ 0066A7BC = user32.dll!TranslateMessage
--> Thunk @ 0066A7C0 = user32.dll!TranslateMDISysAccel
--> Thunk @ 0066A7C4 = user32.dll!TrackPopupMenu
--> Thunk @ 0066A7C8 = user32.dll!SystemParametersInfoA
--> Thunk @ 0066A7CC = user32.dll!ShowWindow
--> Thunk @ 0066A7D0 = user32.dll!ShowScrollBar
--> Thunk @ 0066A7D4 = user32.dll!ShowOwnedPopups
--> Thunk @ 0066A7D8 = user32.dll!ShowCursor
--> Thunk @ 0066A7DC = user32.dll!ShowCaret
--> Thunk @ 0066A7E0 = user32.dll!SetWindowRgn
--> Thunk @ 0066A7E4 = user32.dll!SetWindowsHookExA
--> Thunk @ 0066A7E8 = user32.dll!SetWindowTextA
--> Thunk @ 0066A7EC = user32.dll!SetWindowPos
--> Thunk @ 0066A7F0 = user32.dll!SetWindowPlacement
--> Thunk @ 0066A7F4 = user32.dll!SetWindowLongA
--> Thunk @ 0066A7F8 = user32.dll!SetTimer
--> Thunk @ 0066A7FC = user32.dll!SetScrollRange
--> Thunk @ 0066A800 = user32.dll!SetScrollPos
--> Thunk @ 0066A804 = user32.dll!SetScrollInfo
--> Thunk @ 0066A808 = user32.dll!SetRectEmpty
--> Thunk @ 0066A80C = user32.dll!SetRect
--> Thunk @ 0066A810 = user32.dll!SetPropA
--> Thunk @ 0066A814 = user32.dll!SetParent
--> Thunk @ 0066A818 = user32.dll!SetMenuItemInfoA
--> Thunk @ 0066A81C = user32.dll!SetMenu
--> Thunk @ 0066A820 = user32.dll!SetKeyboardState
--> Thunk @ 0066A824 = user32.dll!SetForegroundWindow
--> Thunk @ 0066A828 = user32.dll!SetFocus
--> Thunk @ 0066A82C = user32.dll!SetCursor
--> Thunk @ 0066A830 = user32.dll!SetClipboardViewer
--> Thunk @ 0066A834 = user32.dll!SetClipboardData
--> Thunk @ 0066A838 = user32.dll!SetClassLongA
--> Thunk @ 0066A83C = user32.dll!SetCapture
--> Thunk @ 0066A840 = user32.dll!SetActiveWindow
--> Thunk @ 0066A844 = user32.dll!SendMessageA
--> Thunk @ 0066A848 = user32.dll!ScrollWindowEx
--> Thunk @ 0066A84C = user32.dll!ScrollWindow
--> Thunk @ 0066A850 = user32.dll!ScreenToClient
--> Thunk @ 0066A854 = user32.dll!RemovePropA
--> Thunk @ 0066A858 = user32.dll!RemoveMenu
--> Thunk @ 0066A85C = user32.dll!ReleaseDC
--> Thunk @ 0066A860 = user32.dll!ReleaseCapture
--> Thunk @ 0066A864 = user32.dll!RegisterWindowMessageA
--> Thunk @ 0066A868 = user32.dll!RegisterClipboardFormatA
--> Thunk @ 0066A86C = user32.dll!RegisterClassA
--> Thunk @ 0066A870 = user32.dll!RedrawWindow
--> Thunk @ 0066A874 = user32.dll!PtInRect
--> Thunk @ 0066A878 = user32.dll!PostQuitMessage
--> Thunk @ 0066A87C = user32.dll!PostMessageA
--> Thunk @ 0066A880 = user32.dll!PeekMessageA
--> Thunk @ 0066A884 = user32.dll!OpenClipboard
--> Thunk @ 0066A888 = user32.dll!OffsetRect
--> Thunk @ 0066A88C = user32.dll!OemToCharA
--> Thunk @ 0066A890 = user32.dll!MsgWaitForMultipleObjects
--> Thunk @ 0066A894 = user32.dll!MessageBoxA
--> Thunk @ 0066A898 = user32.dll!MessageBeep
--> Thunk @ 0066A89C = user32.dll!MapWindowPoints
--> Thunk @ 0066A8A0 = user32.dll!MapVirtualKeyA
--> Thunk @ 0066A8A4 = user32.dll!LoadStringA
--> Thunk @ 0066A8A8 = user32.dll!LoadKeyboardLayoutA
--> Thunk @ 0066A8AC = user32.dll!LoadIconA
--> Thunk @ 0066A8B0 = user32.dll!LoadCursorA
--> Thunk @ 0066A8B4 = user32.dll!LoadBitmapA
--> Thunk @ 0066A8B8 = user32.dll!KillTimer
--> Thunk @ 0066A8BC = user32.dll!IsZoomed
--> Thunk @ 0066A8C0 = user32.dll!IsWindowVisible
--> Thunk @ 0066A8C4 = user32.dll!IsWindowEnabled
--> Thunk @ 0066A8C8 = user32.dll!IsWindow
--> Thunk @ 0066A8CC = user32.dll!IsRectEmpty
--> Thunk @ 0066A8D0 = user32.dll!IsIconic
--> Thunk @ 0066A8D4 = user32.dll!IsDialogMessageA
--> Thunk @ 0066A8D8 = user32.dll!IsClipboardFormatAvailable
--> Thunk @ 0066A8DC = user32.dll!IsChild
--> Thunk @ 0066A8E0 = user32.dll!IsCharAlphaNumericA
--> Thunk @ 0066A8E4 = user32.dll!IsCharAlphaA
--> Thunk @ 0066A8E8 = user32.dll!InvertRect
--> Thunk @ 0066A8EC = user32.dll!InvalidateRect
--> Thunk @ 0066A8F0 = user32.dll!IntersectRect
--> Thunk @ 0066A8F4 = user32.dll!InsertMenuItemA
--> Thunk @ 0066A8F8 = user32.dll!InsertMenuA
--> Thunk @ 0066A8FC = user32.dll!InflateRect
--> Thunk @ 0066A900 = user32.dll!HideCaret
--> Thunk @ 0066A904 = user32.dll!GetWindowThreadProcessId
--> Thunk @ 0066A908 = user32.dll!GetWindowTextA
--> Thunk @ 0066A90C = user32.dll!GetWindowRect
--> Thunk @ 0066A910 = user32.dll!GetWindowPlacement
--> Thunk @ 0066A914 = user32.dll!GetWindowLongA
--> Thunk @ 0066A918 = user32.dll!GetWindowDC
--> Thunk @ 0066A91C = user32.dll!GetTopWindow
--> Thunk @ 0066A920 = user32.dll!GetSystemMetrics
--> Thunk @ 0066A924 = user32.dll!GetSystemMenu
--> Thunk @ 0066A928 = user32.dll!GetSysColorBrush
--> Thunk @ 0066A92C = user32.dll!GetSysColor
--> Thunk @ 0066A930 = user32.dll!GetSubMenu
--> Thunk @ 0066A934 = user32.dll!GetScrollRange
--> Thunk @ 0066A938 = user32.dll!GetScrollPos
--> Thunk @ 0066A93C = user32.dll!GetScrollInfo
--> Thunk @ 0066A940 = user32.dll!GetPropA
--> Thunk @ 0066A944 = user32.dll!GetParent
--> Thunk @ 0066A948 = user32.dll!GetWindow
--> Thunk @ 0066A94C = user32.dll!GetMessageTime
--> Thunk @ 0066A950 = user32.dll!GetMessagePos
--> Thunk @ 0066A954 = user32.dll!GetMessageA
--> Thunk @ 0066A958 = user32.dll!GetMenuStringA
--> Thunk @ 0066A95C = user32.dll!GetMenuState
--> Thunk @ 0066A960 = user32.dll!GetMenuItemInfoA
--> Thunk @ 0066A964 = user32.dll!GetMenuItemID
--> Thunk @ 0066A968 = user32.dll!GetMenuItemCount
--> Thunk @ 0066A96C = user32.dll!GetMenuDefaultItem
--> Thunk @ 0066A970 = user32.dll!GetMenu
--> Thunk @ 0066A974 = user32.dll!GetLastActivePopup
--> Thunk @ 0066A978 = user32.dll!GetKeyboardState
--> Thunk @ 0066A97C = user32.dll!GetKeyboardLayoutList
--> Thunk @ 0066A980 = user32.dll!GetKeyboardLayout
--> Thunk @ 0066A984 = user32.dll!GetKeyState
--> Thunk @ 0066A988 = user32.dll!GetKeyNameTextA
--> Thunk @ 0066A98C = user32.dll!GetIconInfo
--> Thunk @ 0066A990 = user32.dll!GetForegroundWindow
--> Thunk @ 0066A994 = user32.dll!GetFocus
--> Thunk @ 0066A998 = user32.dll!GetDoubleClickTime
--> Thunk @ 0066A99C = user32.dll!GetDlgItem
--> Thunk @ 0066A9A0 = user32.dll!GetDesktopWindow
--> Thunk @ 0066A9A4 = user32.dll!GetDCEx
--> Thunk @ 0066A9A8 = user32.dll!GetDC
--> Thunk @ 0066A9AC = user32.dll!GetCursorPos
--> Thunk @ 0066A9B0 = user32.dll!GetCursor
--> Thunk @ 0066A9B4 = user32.dll!GetClipboardData
--> Thunk @ 0066A9B8 = user32.dll!GetClientRect
--> Thunk @ 0066A9BC = user32.dll!GetClassNameA
--> Thunk @ 0066A9C0 = user32.dll!GetClassLongA
--> Thunk @ 0066A9C4 = user32.dll!GetClassInfoA
--> Thunk @ 0066A9C8 = user32.dll!GetCaretPos
--> Thunk @ 0066A9CC = user32.dll!GetCapture
--> Thunk @ 0066A9D0 = user32.dll!GetAsyncKeyState
--> Thunk @ 0066A9D4 = user32.dll!GetActiveWindow
--> Thunk @ 0066A9D8 = user32.dll!FrameRect
--> Thunk @ 0066A9DC = user32.dll!FindWindowA
--> Thunk @ 0066A9E0 = user32.dll!FillRect
--> Thunk @ 0066A9E4 = user32.dll!EqualRect
--> Thunk @ 0066A9E8 = user32.dll!EnumWindows
--> Thunk @ 0066A9EC = user32.dll!EnumThreadWindows
--> Thunk @ 0066A9F0 = user32.dll!EnumClipboardFormats
--> Thunk @ 0066A9F4 = user32.dll!EndPaint
--> Thunk @ 0066A9F8 = user32.dll!EnableWindow
--> Thunk @ 0066A9FC = user32.dll!EnableScrollBar
--> Thunk @ 0066AA00 = user32.dll!EnableMenuItem
--> Thunk @ 0066AA04 = user32.dll!EmptyClipboard
--> Thunk @ 0066AA08 = user32.dll!DrawTextA
--> Thunk @ 0066AA0C = user32.dll!DrawMenuBar
--> Thunk @ 0066AA10 = user32.dll!DrawIconEx
--> Thunk @ 0066AA14 = user32.dll!DrawIcon
--> Thunk @ 0066AA18 = user32.dll!DrawFrameControl
--> Thunk @ 0066AA1C = user32.dll!DrawFocusRect
--> Thunk @ 0066AA20 = user32.dll!DrawEdge
--> Thunk @ 0066AA24 = user32.dll!DragDetect
--> Thunk @ 0066AA28 = user32.dll!DispatchMessageA
--> Thunk @ 0066AA2C = user32.dll!DestroyWindow
--> Thunk @ 0066AA30 = user32.dll!DestroyMenu
--> Thunk @ 0066AA34 = user32.dll!DestroyIcon
--> Thunk @ 0066AA38 = user32.dll!DestroyCursor
--> Thunk @ 0066AA3C = user32.dll!DeleteMenu
--> Thunk @ 0066AA40 = user32.dll!DefWindowProcA
--> Thunk @ 0066AA44 = user32.dll!DefMDIChildProcA
--> Thunk @ 0066AA48 = user32.dll!DefFrameProcA
--> Thunk @ 0066AA4C = user32.dll!CreateWindowExA
--> Thunk @ 0066AA50 = user32.dll!CreatePopupMenu
--> Thunk @ 0066AA54 = user32.dll!CreateMenu
--> Thunk @ 0066AA58 = user32.dll!CreateIcon
--> Thunk @ 0066AA5C = user32.dll!CopyImage
--> Thunk @ 0066AA60 = user32.dll!CloseClipboard
--> Thunk @ 0066AA64 = user32.dll!ClientToScreen
--> Thunk @ 0066AA68 = user32.dll!ChildWindowFromPointEx
--> Thunk @ 0066AA6C = user32.dll!ChildWindowFromPoint
--> Thunk @ 0066AA70 = user32.dll!CheckMenuItem
--> Thunk @ 0066AA74 = user32.dll!ChangeClipboardChain
--> Thunk @ 0066AA78 = user32.dll!CallWindowProcA
--> Thunk @ 0066AA7C = user32.dll!CallNextHookEx
--> Thunk @ 0066AA80 = user32.dll!BeginPaint
--> Thunk @ 0066AA84 = user32.dll!CharNextA
--> Thunk @ 0066AA88 = user32.dll!CharLowerBuffA
--> Thunk @ 0066AA8C = user32.dll!CharLowerA
--> Thunk @ 0066AA90 = user32.dll!CharUpperBuffA
--> Thunk @ 0066AA94 = user32.dll!AdjustWindowRectEx
--> Thunk @ 0066AA98 = user32.dll!ActivateKeyboardLayout
--> Thunk @ 0066AAA0 = ole32.dll!CoTaskMemFree
--> Thunk @ 0066AAA4 = ole32.dll!CoCreateGuid
--> Thunk @ 0066AAA8 = ole32.dll!CLSIDFromString
--> Thunk @ 0066AAAC = ole32.dll!StringFromCLSID
--> Thunk @ 0066AAB0 = ole32.dll!CoUninitialize
--> Thunk @ 0066AAB4 = ole32.dll!CoInitialize
--> Thunk @ 0066AAB8 = ole32.dll!IsEqualGUID
--> Thunk @ 0066AAC0 = oleaut32.dll!GetErrorInfo
--> Thunk @ 0066AAC4 = oleaut32.dll!SysFreeString
--> Thunk @ 0066AACC = comctl32.dll!InitializeFlatSB
--> Thunk @ 0066AAD0 = comctl32.dll!FlatSB_ShowScrollBar
--> Thunk @ 0066AAD4 = comctl32.dll!FlatSB_SetScrollProp
--> Thunk @ 0066AAD8 = comctl32.dll!FlatSB_SetScrollInfo
--> Thunk @ 0066AADC = comctl32.dll!ImageList_SetIconSize
--> Thunk @ 0066AAE0 = comctl32.dll!ImageList_GetIconSize
--> Thunk @ 0066AAE4 = comctl32.dll!ImageList_Write
--> Thunk @ 0066AAE8 = comctl32.dll!ImageList_Read
--> Thunk @ 0066AAEC = comctl32.dll!ImageList_GetDragImage
--> Thunk @ 0066AAF0 = comctl32.dll!ImageList_DragShowNolock
--> Thunk @ 0066AAF4 = comctl32.dll!ImageList_SetDragCursorImage
--> Thunk @ 0066AAF8 = comctl32.dll!ImageList_DragMove
--> Thunk @ 0066AAFC = comctl32.dll!ImageList_DragLeave
--> Thunk @ 0066AB00 = comctl32.dll!ImageList_DragEnter
--> Thunk @ 0066AB04 = comctl32.dll!ImageList_EndDrag
--> Thunk @ 0066AB08 = comctl32.dll!ImageList_BeginDrag
--> Thunk @ 0066AB0C = comctl32.dll!ImageList_GetIcon
--> Thunk @ 0066AB10 = comctl32.dll!ImageList_Remove
--> Thunk @ 0066AB14 = comctl32.dll!ImageList_DrawEx
--> Thunk @ 0066AB18 = comctl32.dll!ImageList_Replace
--> Thunk @ 0066AB1C = comctl32.dll!ImageList_Draw
--> Thunk @ 0066AB20 = comctl32.dll!ImageList_GetBkColor
--> Thunk @ 0066AB24 = comctl32.dll!ImageList_SetBkColor
--> Thunk @ 0066AB28 = comctl32.dll!ImageList_ReplaceIcon
--> Thunk @ 0066AB2C = comctl32.dll!ImageList_Add
--> Thunk @ 0066AB30 = comctl32.dll!ImageList_GetImageCount
--> Thunk @ 0066AB34 = comctl32.dll!ImageList_Destroy
--> Thunk @ 0066AB38 = comctl32.dll!ImageList_Create
--> Thunk @ 0066AB3C = comctl32.dll!InitCommonControls
--> Thunk @ 0066AB44 = shell32.dll!Shell_NotifyIconA
--> Thunk @ 0066AB48 = shell32.dll!ShellExecuteA
--> Thunk @ 0066AB50 = wininet.dll!InternetGetConnectedState
--> Thunk @ 0066AB54 = wininet.dll!InternetAutodial
--> Thunk @ 0066AB5C = IMAGEHLP.DLL!UnMapAndLoad
--> Thunk @ 0066AB60 = IMAGEHLP.DLL!ImageRvaToSection
--> Thunk @ 0066AB64 = IMAGEHLP.DLL!ImageDirectoryEntryToData
--> Thunk @ 0066AB6C = imagehlp.dll!ImageRvaToVa
--> Thunk @ 0066AB74 = comdlg32.dll!GetSaveFileNameA
--> Thunk @ 0066AB78 = comdlg32.dll!GetOpenFileNameA
--> Thunk @ 0066AB80 = winmm.dll!timeGetTime
--> Thunk @ 0066AB84 = winmm.dll!PlaySoundA
--> Thunk @ 0066AB8C = kernel32.dll!InterlockedDecrement
--> Thunk @ 0066AB90 = kernel32.dll!InterlockedIncrement
--> Thunk @ 0066AB94 = kernel32.dll!InterlockedExchangeAdd
--> Thunk @ 0066AB98 = kernel32.dll!InterlockedExchange
--> Thunk @ 0066ABA0 = ws2_32.dll!WSASocketA
--> Thunk @ 0066ABA4 = ws2_32.dll!WSASend
--> Thunk @ 0066ABA8 = ws2_32.dll!WSARecv
--> Thunk @ 0066ABAC = ws2_32.dll!WSAGetOverlappedResult
--> Thunk @ 0066ABB0 = ws2_32.dll!WSAEventSelect
--> Thunk @ 0066ABB4 = ws2_32.dll!WSAGetLastError
--> Thunk @ 0066ABB8 = ws2_32.dll!WSACleanup
--> Thunk @ 0066ABBC = ws2_32.dll!WSAStartup
--> Thunk @ 0066ABC0 = ws2_32.dll!gethostbyname
--> Thunk @ 0066ABC4 = ws2_32.dll!shutdown
--> Thunk @ 0066ABC8 = ws2_32.dll!ntohs
--> Thunk @ 0066ABCC = ws2_32.dll!listen
--> Thunk @ 0066ABD0 = ws2_32.dll!inet_addr
--> Thunk @ 0066ABD4 = ws2_32.dll!htons
--> Thunk @ 0066ABD8 = ws2_32.dll!closesocket
--> Thunk @ 0066ABDC = ws2_32.dll!bind
--> Thunk @ 0066ABE0 = ws2_32.dll!accept
--> Thunk @ 0066ABE8 = kernel32.dll!InterlockedExchangeAdd
--> Thunk @ 0066ABEC = kernel32.dll!InterlockedExchange
--> Thunk @ 0066ABF0 = kernel32.dll!InterlockedIncrement
--> Thunk @ 0066ABF8 = kernel32.dll!SetFilePointer
--> Thunk @ 0066AC00 = ODBCCP32.DLL!SQLValidDSN
--> Thunk @ 0066AC08 = ODBC32.DLL!SQLSpecialColumns
--> Thunk @ 0066AC0C = ODBC32.DLL!SQLSetStmtAttr
--> Thunk @ 0066AC10 = ODBC32.DLL!SQLSetPos
--> Thunk @ 0066AC14 = ODBC32.DLL!SQLSetEnvAttr
--> Thunk @ 0066AC18 = ODBC32.DLL!SQLSetDescField
--> Thunk @ 0066AC1C = ODBC32.DLL!SQLSetConnectAttr
--> Thunk @ 0066AC20 = ODBC32.DLL!SQLRowCount
--> Thunk @ 0066AC24 = ODBC32.DLL!SQLPutData
--> Thunk @ 0066AC28 = ODBC32.DLL!SQLProcedures
--> Thunk @ 0066AC2C = ODBC32.DLL!SQLProcedureColumns
--> Thunk @ 0066AC30 = ODBC32.DLL!SQLPrimaryKeys
--> Thunk @ 0066AC34 = ODBC32.DLL!SQLPrepare
--> Thunk @ 0066AC38 = ODBC32.DLL!SQLParamData
--> Thunk @ 0066AC3C = ODBC32.DLL!SQLNumResultCols
--> Thunk @ 0066AC40 = ODBC32.DLL!SQLGetStmtAttr
--> Thunk @ 0066AC44 = ODBC32.DLL!SQLGetInfo
--> Thunk @ 0066AC48 = ODBC32.DLL!SQLGetFunctions
--> Thunk @ 0066AC4C = ODBC32.DLL!SQLGetEnvAttr
--> Thunk @ 0066AC50 = ODBC32.DLL!SQLGetDiagRec
--> Thunk @ 0066AC54 = ODBC32.DLL!SQLGetDiagField
--> Thunk @ 0066AC58 = ODBC32.DLL!SQLGetData
--> Thunk @ 0066AC5C = ODBC32.DLL!SQLGetCursorName
--> Thunk @ 0066AC60 = ODBC32.DLL!SQLGetConnectAttr
--> Thunk @ 0066AC64 = ODBC32.DLL!SQLFreeStmt
--> Thunk @ 0066AC68 = ODBC32.DLL!SQLFreeHandle
--> Thunk @ 0066AC6C = ODBC32.DLL!SQLFetchScroll
--> Thunk @ 0066AC70 = ODBC32.DLL!SQLFetch
--> Thunk @ 0066AC74 = ODBC32.DLL!SQLExecute
--> Thunk @ 0066AC78 = ODBC32.DLL!SQLExecDirect
--> Thunk @ 0066AC7C = ODBC32.DLL!SQLDriverConnect
--> Thunk @ 0066AC80 = ODBC32.DLL!SQLDisconnect
--> Thunk @ 0066AC84 = ODBC32.DLL!SQLDescribeParam
--> Thunk @ 0066AC88 = ODBC32.DLL!SQLDescribeCol
--> Thunk @ 0066AC8C = ODBC32.DLL!SQLConnect
--> Thunk @ 0066AC90 = ODBC32.DLL!SQLColAttribute
--> Thunk @ 0066AC94 = ODBC32.DLL!SQLBulkOperations
--> Thunk @ 0066AC98 = ODBC32.DLL!SQLBindParameter
--> Thunk @ 0066AC9C = ODBC32.DLL!SQLBindCol
--> Thunk @ 0066ACA0 = ODBC32.DLL!SQLAllocHandle
--> Thunk @ 0066ACA8 = kernel32.dll!MulDiv
--> Thunk @ 0066ACB0 = HHCtrl.ocx!HtmlHelpA
--> Thunk @ 0066ACB8 = asidbe.dll!Ordinal0000009E
--> Thunk @ 0066ACBC = asidbe.dll!Ordinal0000008F
--> Thunk @ 0066ACC0 = asidbe.dll!Ordinal0000007C
--> Thunk @ 0066ACC4 = asidbe.dll!Ordinal00000075
--> Thunk @ 0066ACC8 = asidbe.dll!Ordinal0000005D
--> Thunk @ 0066ACCC = asidbe.dll!Ordinal0000004E
--> Thunk @ 0066ACD0 = asidbe.dll!Ordinal00000040
--> Thunk @ 0066ACD4 = asidbe.dll!Ordinal0000002B
--> Thunk @ 0066ACD8 = asidbe.dll!Ordinal0000000F
--> Thunk @ 0066ACDC = asidbe.dll!Ordinal0000000E
--> Thunk @ 0066ACE4 = mosecur.dll!GetInfo
--> Thunk @ 0066ACE8 = mosecur.dll!RegisterTrialApplicationDlg
--> Thunk @ 0066ACF0 = ole32.dll!CoUninitialize
--> Thunk @ 0066ACF4 = ole32.dll!CoInitialize
--> Thunk @ 0066ACFC = shell32.dll!SHGetMalloc
Call OEP hooked...
--> 010BCA39
--> 010BCA56
New Thread created. ID: 00001384
OEP resolved to: 0065E794
Scanning for potential Nanomites...
--> Analyzing Int3 @ 004010C8 --> No Nanomites Used...
Aborting Nanomite Scan...
Resolving Nanomites...
Dumping PE Sections...
Done. I did all of this in 15 seconds!

2006-10-26 23:02

0