
File pos   Mem pos      ID   Text
========   =======      ==   ====

0000004D   0040004D      0   !This program cannot be run in DOS mode.
000000C6   004000C6      0   W]Rich
000001E0   004001E0      0   .text
00000208   00400208      0   .rdata
0000022F   0040022F      0   @.data
0000112E   0040112E      0   SUVWh
0000118F   0040118F      0   Vhp A
000011A3   004011A3      0   Vh\ A
0000130C   0040130C      0   Vh(!A
0000133D   0040133D      0   Vh(3A
00001506   00401506      0   >"u:F
00001551   00401551      0   XPVSS
000021BE   004021BE      0   CloseHandle
000021CC   004021CC      0   SetFileTime
000021DA   004021DA      0   CreateFileA
000021E8   004021E8      0   FindFirstFileA
000021FA   004021FA      0   WinExec
00002204   00402204      0   lstrcpyA
00002210   00402210      0   GetSystemDirectoryA
00002226   00402226      0   GetModuleFileNameA
0000223C   0040223C      0   Sleep
00002244   00402244      0   CopyFileA
00002250   00402250      0   GetVersionExA
00002260   00402260      0   FreeLibrary
0000226E   0040226E      0   GetProcAddress
00002280   00402280      0   LoadLibraryA
0000228E   0040228E      0   KERNEL32.dll
0000229E   0040229E      0   RegCloseKey
000022AC   004022AC      0   RegSetValueExA
000022BE   004022BE      0   RegCreateKeyExA
000022CE   004022CE      0   ADVAPI32.dll
000022DE   004022DE      0   fclose
000022E8   004022E8      0   fwrite
000022F2   004022F2      0   fopen
000022FA   004022FA      0   strncmp
00002304   00402304      0   sprintf
0000230E   0040230E      0   strcmp
00002318   00402318      0   fputs
00002320   00402320      0   strlen
00002328   00402328      0   MSVCRT.dll
00002336   00402336      0   _exit
0000233E   0040233E      0   _XcptFilter
00002354   00402354      0   _acmdln
0000235E   0040235E      0   __getmainargs
0000236E   0040236E      0   _initterm
0000237A   0040237A      0   __setusermatherr
0000238E   0040238E      0   _adjust_fdiv
0000239E   0040239E      0   __p__commode
000023AE   004023AE      0   __p__fmode
000023BC   004023BC      0   __set_app_type
000023CE   004023CE      0   _except_handler3
000023E2   004023E2      0   _controlfp
000023F0   004023F0      0   GetModuleHandleA
00002404   00402404      0   GetStartupInfoA
00002416   00402416      0   _strlwr
00003061   00403061      0   !This program cannot be run in DOS mode.
000030E4   004030E4      0   RichqD<
000031FC   004031FC      0   .text
00003224   00403224      0   .rdata
0000324B   0040324B      0   @.data

File pos   Mem pos      ID   Text
========   =======      ==   ====

00003274   00403274      0   .reloc
000042BA   004042BA      0   L$HPQ
00004381   00404381      0   D$ h4
000043C7   004043C7      0   D$ h4
00004778   00404778      0   t	WVS
000047A5   004047A5      0   u7WPS
000047B6   004047B6      0   u&WVS
00005172   00405172      0   CloseHandle
00005180   00405180      0   GetCurrentProcess
00005194   00405194      0   OpenProcess
000051A2   004051A2      0   FreeLibrary
000051B0   004051B0      0   VirtualFreeEx
000051C0   004051C0      0   ReadProcessMemory
000051D4   004051D4      0   WaitForSingleObject
000051EA   004051EA      0   CreateRemoteThread
00005200   00405200      0   GetProcAddress
00005212   00405212      0   LoadLibraryA
00005222   00405222      0   WriteProcessMemory
00005238   00405238      0   VirtualAllocEx
0000524A   0040524A      0   Sleep
00005252   00405252      0   lstrcpyA
0000525C   0040525C      0   KERNEL32.dll
0000526C   0040526C      0   AdjustTokenPrivileges
00005284   00405284      0   LookupPrivilegeValueA
0000529C   0040529C      0   OpenProcessToken
000052AE   004052AE      0   ADVAPI32.dll
000052BE   004052BE      0   _stricmp
000052CA   004052CA      0   wcscpy
000052D4   004052D4      0   _beginthread
000052E2   004052E2      0   MSVCRT.dll
000052F8   004052F8      0   _initterm
00005304   00405304      0   malloc
0000530E   0040530E      0   _adjust_fdiv
0000531E   0040531E      0   GetModuleBaseNameA
00005334   00405334      0   EnumProcessModules
0000534A   0040534A      0   EnumProcesses
00005358   00405358      0   PSAPI.DLL
000053AA   004053AA      0   realdeck.dll
000053B7   004053B7      0   LetStart
000053C0   004053C0      0   LetsWork
000053C9   004053C9      0   funAtNote
00006024   00406024      0   SeDebugPrivilege
00006038   00406038      0   UnknownProcess
00006048   00406048      0   GetProcAddress
00006058   00406058      0   FreeLibrary
00006064   00406064      0   GetModuleHandleW
00006078   00406078      0   LoadLibraryW
00006088   00406088      0   kernel32.dll
00006098   00406098      0   LSASS.EXE
00006108   00406108      0   Netscp.exe
00006114   00406114      0   msimn.exe
00006120   00406120      0   OUTLOOK.EXE
0000612C   0040612C      0   IEXPLORE.EXE
0000613C   0040613C      0   Explorer.EXE
0000701F   0040701F      0   0!0)080t0
0000704D   0040704D      0   3#3/3?3z3
00007067   00407067      0   5 5%5e5
00007081   00407081      0   6.6B6
000070A5   004070A5      0   7$7*7L7
00008065   00408065      0   !This program cannot be run in DOS mode.

File pos   Mem pos      ID   Text
========   =======      ==   ====

000081E0   004081E0      0   .text
00008208   00408208      0   .rdata
0000822F   0040822F      0   @.data
00008258   00408258      0   .reloc
00009026   00409026      0   D$,WPQ
000090A0   004090A0      0   L$hQhtj
000090BC   004090BC      0   BRh8@
0000910B   0040910B      0   L$(Qhtj
0000911B   0040911B      0   D$PRP
00009164   00409164      0   D$4h$@
00009176   00409176      0   L$(Qhtj
000091A4   004091A4      0   D$<BPW
00009243   00409243      0   u#hHE
000093BC   004093BC      0   u"hHE
00009C2A   00409C2A      0   u!hyj
00009C63   00409C63      0   u!hyj
00009C9C   00409C9C      0   u!hyj
00009CD5   00409CD5      0   u!hyj
00009D3F   00409D3F      0   u!hyj
00009EB2   00409EB2      0   u-hyj
00009F80   00409F80      0    Uhtj
0000A16E   0040A16E      0   VWhtd
0000A19B   0040A19B      0   HtEHu
0000A3B2   0040A3B2      0   SVWh\W
0000A44E   0040A44E      0   tWVh\F
0000A777   0040A777      0   u8htb
0000A9B2   0040A9B2      0   L$$QRP
0000A9D1   0040A9D1      0   D$ RP
0000AA00   0040AA00      0   D$PRPSSS
0000AA94   0040AA94      0   D$@QShP(
0000AACD   0040AACD      0   D$ SP
0000AB3D   0040AB3D      0   L$DSQ
0000AC56   0040AC56      0   D$ Rj
0000AEA2   0040AEA2      0   t	WVS
0000AECF   0040AECF      0   u7WPS
0000AEE0   0040AEE0      0   u&WVS
0000B24A   0040B24A      0   FindNextFileA
0000B25A   0040B25A      0   lstrcatA
0000B266   0040B266      0   FileTimeToSystemTime
0000B27E   0040B27E      0   lstrlenA
0000B28A   0040B28A      0   FindFirstFileA
0000B29C   0040B29C      0   lstrcpyA
0000B2A8   0040B2A8      0   MoveFileA
0000B2B4   0040B2B4      0   DeleteFileA
0000B2C2   0040B2C2      0   SetFileAttributesA
0000B2D8   0040B2D8      0   GetVersionExA
0000B2E8   0040B2E8      0   GetSystemDirectoryA
0000B2FE   0040B2FE      0   GetComputerNameA
0000B312   0040B312      0   WinExec
0000B31C   0040B31C      0   CloseHandle
0000B32A   0040B32A      0   ReleaseMutex
0000B33A   0040B33A      0   GetLastError
0000B34A   0040B34A      0   CreateMutexA
0000B35A   0040B35A      0   lstrcmpA
0000B366   0040B366      0   GetSystemTime
0000B376   0040B376      0   Sleep
0000B37E   0040B37E      0   WriteFile
0000B38A   0040B38A      0   WaitForSingleObject
0000B3A0   0040B3A0      0   ReadFile
0000B3AC   0040B3AC      0   GetCurrentThread

File pos   Mem pos      ID   Text
========   =======      ==   ====

0000B3C0   0040B3C0      0   CreateProcessA
0000B3D2   0040B3D2      0   CreatePipe
0000B3DE   0040B3DE      0   KERNEL32.dll
0000B3EC   0040B3EC      0   WS2_32.dll
0000B3FA   0040B3FA      0   sprintf
0000B404   0040B404      0   _open
0000B40C   0040B40C      0   _close
0000B416   0040B416      0   _lseek
0000B420   0040B420      0   strtol
0000B42A   0040B42A      0   strstr
0000B434   0040B434      0   _read
0000B43C   0040B43C      0   _write
0000B446   0040B446      0   strncmp
0000B450   0040B450      0   _beginthread
0000B468   0040B468      0   fclose
0000B472   0040B472      0   fputs
0000B47A   0040B47A      0   fopen
0000B482   0040B482      0   fgets
0000B48A   0040B48A      0   _endthread
0000B496   0040B496      0   MSVCRT.dll
0000B4AC   0040B4AC      0   _initterm
0000B4B8   0040B4B8      0   malloc
0000B4C2   0040B4C2      0   _adjust_fdiv
0000B532   0040B532      0   DUPEX_dll.dll
0000B540   0040B540      0   ENTER_6BASE_CON
0000B550   0040B550      0   ENTER_6ClearUp
0000B55F   0040B55F      0   ENTER_6MAKE_RAR
0000B56F   0040B56F      0   ENTER_6TRAN_RAR
0000B57F   0040B57F      0   ENTER_ALL_WORK
0000C028   0040C028      0   #DFF> zzz <more>
0000C03C   0040C03C      0   	%02d-%02d-%02d
0000C054   0040C054      0   #DFF> 
0000C05C   0040C05C      0   #DFD> 
0000C064   0040C064      0   FS: %d
0000C084   0040C084      0   _LOG.opx
0000C090   0040C090      0   F_END
0000C098   0040C098      0   READY
0000C0B0   0040C0B0      0   %s\%s
0000C0B8   0040C0B8      0   FL: %d
0000C0CC   0040C0CC      0   ERR !!!
0000C0D4   0040C0D4      0   #DFD> %c:
0000C0E0   0040C0E0      0   C:\*.*
0000C100   0040C100      0   impp  
0000C108   0040C108      0   lioj  
0000C110   0040C110      0   lioo  
0000C118   0040C118      0   CHAGeLH?MIE:Me<HF         
0000C134   0040C134      0   CHAGeLH?MIE:Me<HF         
0000C150   0040C150      0   iigehnheioehkh            
0000C16C   0040C16C      0    %d.%d	ID: NoID	
0000C180   0040C180      0   OS: WN
0000C188   0040C188      0   OS: NT
0000C190   0040C190      0   shcp3026       	
0000C1A4   0040C1A4      0   ERR code = 
0000C1B0   0040C1B0      0   NAME: %s	VER: Dupex 3.1	MARK: 
0000C1D0   0040C1D0      0   %s\lastlog.cab
0000C1E0   0040C1E0      0   %s\jiitr.oca
0000C1F0   0040C1F0      0   %s\strmng.ini
0000C200   0040C200      0   %s\rar.exe
0000C2A4   0040C2A4      0   whM4971
0000C2B0   0040C2B0      0   %s\rasmgr.ini

File pos   Mem pos      ID   Text
========   =======      ==   ====

0000C2CC   0040C2CC      0   %s.rar
0000C2D4   0040C2D4      0   %s\jiitr
0000C2E0   0040C2E0      0   %4d%02d%02d
0000C2F4   0040C2F4      0   %s\rar a -r -ta%s -tb%s %s
0000C314   0040C314      0   Name: %s
0000C330   0040C330      0   %s\uidmngr.ini
0000C348   0040C348      0   command.com
0000C354   0040C354      0   cmd.exe
0000D021   0040D021      0   0%0;0B0I0R0f0k0|0
0000D041   0040D041      0   0P1c1j1
0000D05B   0040D05B      0   2'2.23282F2R2X2]2k2
0000D087   0040D087      0   3$3;3n3v3
0000D0A7   0040D0A7      0   4$4.4C4M4V4[4a4h4m4s4x4
0000D0CF   0040D0CF      0   5#54595?5O5w5
0000D0F9   0040D0F9      0   696@6J6]6b6h6n6{6
0000D117   0040D117      0   7&797g7v7}7
0000D133   0040D133      0   788>8H8N8S8X8]8j8o8t8
0000D16F   0040D16F      0   9!9)9C9Y9
0000D179   0040D179      0   9e9l9q9x9}9
0000D1B1   0040D1B1      0   ;;;B;Q;W;];b;z;
0000D1D7   0040D1D7      0   <#<8<=<N<\<q<v<
0000D1FB   0040D1FB      0   =*=8=M=R=e=s=
0000D223   0040D223      0   >&>9>>>V>k>p>
0000D24B   0040D24B      0   ? ?.?A?F?K?U?c?k?
0000D277   0040D277      0   0L0Q0
0000D295   0040D295      0   12181Y1
0000D29D   0040D29D      0   1c1s1
0000D2C7   0040D2C7      0   3)333>3J3k3p3v3
0000D2EF   0040D2EF      0   4%4:4E4O4]4j4t4
0000D309   0040D309      0   53585K5P5a5t5y5
0000D32D   0040D32D      0   6 6%6,676
0000D33F   0040D33F      0   7T7Y7b7s7
0000D357   0040D357      0   9"9A9Z9a9
0000D363   0040D363      0   :':s:
0000D379   0040D379      0   =$=*=0=6=<=B=H=N=T=Z=
0000D38F   0040D38F      0   =f=l=r=x=~=
0000D3C1   0040D3C1      0   >)>>>J>P>r>
0000E069   0040E069      0   !This program cannot be run in DOS mode.
0000E0DC   0040E0DC      0   Rich#zi
0000E1E4   0040E1E4      0   .text
0000E20C   0040E20C      0   .rdata
0000E233   0040E233      0   @.data
0000F19C   0040F19C      0   Vht0@
0000F2B0   0040F2B0      0   >"u:F
0000F2FB   0040F2FB      0   XPVSS
00010136   00410136      0   WaitForSingleObject
0001014C   0041014C      0   CreateEventA
0001015C   0041015C      0   lstrcpyA
00010168   00410168      0   GetVersionExA
00010178   00410178      0   FreeLibrary
00010186   00410186      0   GetProcAddress
00010198   00410198      0   LoadLibraryA
000101A6   004101A6      0   KERNEL32.dll
000101B6   004101B6      0   _beginthread
000101C6   004101C6      0   _endthread
000101D2   004101D2      0   MSVCRT.dll
000101E0   004101E0      0   _exit
000101E8   004101E8      0   _XcptFilter
000101FE   004101FE      0   _acmdln
00010208   00410208      0   __getmainargs

File pos   Mem pos      ID   Text
========   =======      ==   ====

00010218   00410218      0   _initterm
00010224   00410224      0   __setusermatherr
00010238   00410238      0   _adjust_fdiv
00010248   00410248      0   __p__commode
00010258   00410258      0   __p__fmode
00010266   00410266      0   __set_app_type
00010278   00410278      0   _except_handler3
0001028C   0041028C      0   _controlfp
0001029A   0041029A      0   GetModuleHandleA
000102AE   004102AE      0   GetStartupInfoA
0001102C   0041102C      0   mswaive.dll
00011038   00411038      0   ENTER_6BASE_CON
00011048   00411048      0   ENTER_6TRAN_RAR
00011058   00411058      0   ENTER_6MAKE_RAR
00011068   00411068      0   ENTER_6ClearUp
00011078   00411078      0   RegisterServiceProcess
00011090   00411090      0   KERNEL32.DLL
00012020   00412020      0   LetsWork
0001202C   0041202C      0   LetStart
0001203C   0041203C      0   Read Manager
0001204C   0041204C      0   %s\mscanoep.exe
0001205C   0041205C      0   %s\msreadmng.exe
00012070   00412070      0   %s\mswaive.dll
00012080   00412080      0   %s\mssport.dll
0001209C   0041209C      0   %s\uidmngr.ini
000120C8   004120C8      0   Reader Manager tool
000120DC   004120DC      0   ReadManager
000120E8   004120E8      0   SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\
000060A4   004060A4      0   ENTER_ALL_WORK
000060C4   004060C4      0   mswaive.dll
000060DC   004060DC      0   funAtNote
000060F0   004060F0      0   mssport.dll