API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 25th, 2015
154
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 25.10 KB | None | 0 0
raw download clone embed print report
  1. --------------------------------------------------------------------------------
  2. Starting profile on 2015-02-25 at 13:48:14
  3.  
  4. Operating System: Microsoft Windows XP Professional (32-bit), version 5.01.2600 Dodatek Service Pack 3
  5. Program Executable: c:\windows\WELCOME.EXE
  6. Program Arguments:
  7. Starting Directory: C:\WINDOWS\
  8. Search Path: C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
  9.  
  10. Options Selected:
  11. Simulate ShellExecute by inserting any App Paths directories into the PATH environment variable.
  12. Log DllMain calls for process attach and process detach messages.
  13. Log DllMain calls for all other messages, including thread attach and thread detach.
  14. Hook the process to gather more detailed dependency information.
  15. Log LoadLibrary function calls.
  16. Log GetProcAddress function calls.
  17. Log thread information.
  18. Use simple thread numbers instead of actual thread IDs.
  19. Log first chance exceptions.
  20. Log debug output messages.
  21. Use full paths when logging file names.
  22. Log a time stamp with each line of log.
  23. Automatically open and profile child processes.
  24. --------------------------------------------------------------------------------
  25.  
  26. 00:00:00.000: Started "c:\windows\WELCOME.EXE" (process 0x7BC) at address 0x00400000 by thread 1. Successfully hooked module.
  27. 00:00:00.000: Loaded "c:\windows\system32\NTDLL.DLL" at address 0x7C900000 by thread 1. Successfully hooked module.
  28. 00:00:00.060: Loaded "c:\windows\system32\KERNEL32.DLL" at address 0x7C800000 by thread 1. Successfully hooked module.
  29. 00:00:00.060: DllMain(0x7C900000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\NTDLL.DLL" called by thread 1.
  30. 00:00:00.060: DllMain(0x7C900000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\NTDLL.DLL" returned 1 (0x1) by thread 1.
  31. 00:00:00.060: DllMain(0x7C800000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\KERNEL32.DLL" called by thread 1.
  32. 00:00:00.060: DllMain(0x7C800000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\KERNEL32.DLL" returned 1 (0x1) by thread 1.
  33. 00:00:00.070: Injected "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" at address 0x08370000 by thread 1.
  34. 00:00:00.100: DllMain(0x08370000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" called by thread 1.
  35. 00:00:00.150: DllMain(0x08370000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" returned 1 (0x1) by thread 1.
  36. 00:00:00.180: Loaded "c:\windows\system32\USER32.DLL" at address 0x7E360000 by thread 1. Successfully hooked module.
  37. 00:00:00.201: Loaded "c:\windows\system32\GDI32.DLL" at address 0x77F10000 by thread 1. Successfully hooked module.
  38. 00:00:00.221: Loaded "c:\windows\system32\ADVAPI32.DLL" at address 0x77DC0000 by thread 1. Successfully hooked module.
  39. 00:00:00.241: Loaded "c:\windows\system32\RPCRT4.DLL" at address 0x77E70000 by thread 1. Successfully hooked module.
  40. 00:00:00.241: Loaded "c:\windows\system32\SECUR32.DLL" at address 0x77FE0000 by thread 1. Successfully hooked module.
  41. 00:00:00.281: Loaded "c:\windows\system32\SHELL32.DLL" at address 0x7C9C0000 by thread 1. Successfully hooked module.
  42. 00:00:00.301: Loaded "c:\windows\system32\MSVCRT.DLL" at address 0x77C00000 by thread 1. Successfully hooked module.
  43. 00:00:00.321: Loaded "c:\windows\system32\SHLWAPI.DLL" at address 0x77F60000 by thread 1. Successfully hooked module.
  44. 00:00:00.341: Loaded "c:\windows\system32\WINMM.DLL" at address 0x76B20000 by thread 1. Successfully hooked module.
  45. 00:00:00.341: Entrypoint reached. All implicit modules have been loaded.
  46. 00:00:00.351: Loaded "c:\windows\system32\SHIMENG.DLL" at address 0x5CFE0000 by thread 1. Successfully hooked module.
  47. 00:00:00.381: Loaded "c:\windows\apppatch\ACLAYERS.DLL" at address 0x71620000 by thread 1. Successfully hooked module.
  48. 00:00:00.431: Loaded "c:\windows\system32\OLE32.DLL" at address 0x774D0000 by thread 1. Successfully hooked module.
  49. 00:00:00.451: Loaded "c:\windows\system32\USERENV.DLL" at address 0x769A0000 by thread 1. Successfully hooked module.
  50. 00:00:00.471: Loaded "c:\windows\system32\WINSPOOL.DRV" at address 0x72F90000 by thread 1. Successfully hooked module.
  51. 00:00:00.481: DllMain(0x71620000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\apppatch\ACLAYERS.DLL" called by thread 1.
  52. 00:00:00.481: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "InitializeCriticalSectionAndSpinCount") called from "c:\windows\apppatch\ACLAYERS.DLL" at address 0x71661BE1 and returned 0x7C80B8B9 by thread 1.
  53. 00:00:00.491: DllMain(0x71620000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\apppatch\ACLAYERS.DLL" returned 1 (0x1) by thread 1.
  54. 00:00:00.521: Loaded "c:\windows\apppatch\ACGENRAL.DLL" at address 0x59410000 by thread 1. Successfully hooked module.
  55. 00:00:00.551: Loaded "c:\windows\system32\OLEAUT32.DLL" at address 0x77110000 by thread 1. Successfully hooked module.
  56. 00:00:00.571: Loaded "c:\windows\system32\MSACM32.DLL" at address 0x77BD0000 by thread 1. Successfully hooked module.
  57. 00:00:00.581: Loaded "c:\windows\system32\VERSION.DLL" at address 0x77BF0000 by thread 1. Successfully hooked module.
  58. 00:00:00.601: Loaded "c:\windows\system32\UXTHEME.DLL" at address 0x5B1D0000 by thread 1. Successfully hooked module.
  59. 00:00:00.611: DllMain(0x59410000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\apppatch\ACGENRAL.DLL" called by thread 1.
  60. 00:00:00.611: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "InitializeCriticalSectionAndSpinCount") called from "c:\windows\apppatch\ACGENRAL.DLL" at address 0x5943CFF5 and returned 0x7C80B8B9 by thread 1.
  61. 00:00:00.621: DllMain(0x59410000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\apppatch\ACGENRAL.DLL" returned 1 (0x1) by thread 1.
  62. 00:00:00.631: GetProcAddress(0x7C900000 [c:\windows\system32\NTDLL.DLL], "RtlAddVectoredExceptionHandler") called from "c:\windows\apppatch\ACLAYERS.DLL" at address 0x71646497 and returned 0x7C936BFA by thread 1.
  63. 00:00:00.661: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "SetDllDirectoryW") called from "c:\windows\apppatch\ACGENRAL.DLL" at address 0x5942B031 and returned 0x7C85FBB8 by thread 1.
  64. 00:00:00.671: DllMain(0x77F10000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\GDI32.DLL" called by thread 1.
  65. 00:00:00.671: DllMain(0x77F10000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\GDI32.DLL" returned 1 (0x1) by thread 1.
  66. 00:00:00.681: DllMain(0x7E360000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\USER32.DLL" called by thread 1.
  67. 00:00:00.681: DllMain(0x7E360000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\USER32.DLL" returned 1 (0x1) by thread 1.
  68. 00:00:00.681: DllMain(0x77FE0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SECUR32.DLL" called by thread 1.
  69. 00:00:00.681: DllMain(0x77FE0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SECUR32.DLL" returned 1 (0x1) by thread 1.
  70. 00:00:00.681: DllMain(0x77E70000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\RPCRT4.DLL" called by thread 1.
  71. 00:00:00.681: DllMain(0x77E70000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\RPCRT4.DLL" returned 1 (0x1) by thread 1.
  72. 00:00:00.681: DllMain(0x77DC0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\ADVAPI32.DLL" called by thread 1.
  73. 00:00:00.681: DllMain(0x77DC0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\ADVAPI32.DLL" returned 1 (0x1) by thread 1.
  74. 00:00:00.681: DllMain(0x77C00000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\MSVCRT.DLL" called by thread 1.
  75. 00:00:00.691: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "InitializeCriticalSectionAndSpinCount") called from "c:\windows\system32\MSVCRT.DLL" at address 0x77C279C2 and returned 0x7C80B8B9 by thread 1.
  76. 00:00:00.701: DllMain(0x77C00000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\MSVCRT.DLL" returned 1 (0x1) by thread 1.
  77. 00:00:00.701: DllMain(0x77F60000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SHLWAPI.DLL" called by thread 1.
  78. 00:00:00.701: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateTimerQueue") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65CE9 and returned 0x7C82BFCE by thread 1.
  79. 00:00:00.711: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeleteTimerQueue") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65CF8 and returned 0x7C863DCB by thread 1.
  80. 00:00:00.721: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateTimerQueueTimer") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65D07 and returned 0x7C821165 by thread 1.
  81. 00:00:00.721: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ChangeTimerQueueTimer") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65D17 and returned 0x7C8127B3 by thread 1.
  82. 00:00:00.721: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeleteTimerQueueTimer") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65D25 and returned 0x7C821118 by thread 1.
  83. 00:00:00.721: DllMain(0x77F60000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SHLWAPI.DLL" returned 1 (0x1) by thread 1.
  84. 00:00:00.721: DllMain(0x7C9C0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SHELL32.DLL" called by thread 1.
  85. 00:00:00.721: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateActCtxW") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA26B06 and returned 0x7C8154EC by thread 1.
  86. 00:00:00.741: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ActivateActCtx") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9E7679 and returned 0x7C80A6D4 by thread 1.
  87. 00:00:00.741: LoadLibraryW("comctl32.dll") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA26740 by thread 1.
  88. 00:00:00.761: Loaded "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x773C0000 by thread 1. Successfully hooked module.
  89. 00:00:00.781: DllMain(0x773C0000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" called by thread 1.
  90. 00:00:00.811: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "GetSystemWindowsDirectoryW") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B749 and returned 0x7C80ADB9 by thread 1.
  91. 00:00:00.851: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateActCtxW") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B5CC and returned 0x7C8154EC by thread 1.
  92. 00:00:00.881: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ActivateActCtx") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B65E and returned 0x7C80A6D4 by thread 1.
  93. 00:00:00.922: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeactivateActCtx") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B6B4 and returned 0x7C80A705 by thread 1.
  94. 00:00:00.942: DllMain(0x773C0000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" returned 1 (0x1) by thread 1.
  95. 00:00:00.962: LoadLibraryW("comctl32.dll") returned 0x773C0000 by thread 1.
  96. 00:00:01.012: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeactivateActCtx") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9E76E4 and returned 0x7C80A705 by thread 1.
  97. 00:00:01.032: LoadLibraryW("comctl32.dll") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA2686E by thread 1.
  98. 00:00:01.112: Loaded "c:\windows\system32\COMCTL32.DLL" at address 0x5D520000 by thread 1. Successfully hooked module.
  99. 00:00:01.142: DllMain(0x5D520000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\COMCTL32.DLL" called by thread 1.
  100. 00:00:01.172: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "InitializeCriticalSectionAndSpinCount") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D525338 and returned 0x7C80B8B9 by thread 1.
  101. 00:00:01.212: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateActCtxW") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D58F198 and returned 0x7C8154EC by thread 1.
  102. 00:00:01.242: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ProcessIdToSessionId") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D5254D8 and returned 0x7C813019 by thread 1.
  103. 00:00:01.282: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "GetSystemMetrics") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D5255CE and returned 0x7E368F9C by thread 1.
  104. 00:00:01.322: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "MonitorFromWindow") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D5255E3 and returned 0x7E37A679 by thread 1.
  105. 00:00:01.342: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "MonitorFromRect") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D5255F8 and returned 0x7E37C713 by thread 1.
  106. 00:00:01.372: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "MonitorFromPoint") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D52560D and returned 0x7E37ABF5 by thread 1.
  107. 00:00:01.402: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "EnumDisplayMonitors") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D525622 and returned 0x7E37A77B by thread 1.
  108. 00:00:01.442: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "EnumDisplayDevicesW") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D525637 and returned 0x7E36E03C by thread 1.
  109. 00:00:01.472: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "GetMonitorInfoW") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D525654 and returned 0x7E37A6D9 by thread 1.
  110. 00:00:01.512: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ActivateActCtx") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D58F24A and returned 0x7C80A6D4 by thread 1.
  111. 00:00:01.562: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeactivateActCtx") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D58F2AF and returned 0x7C80A705 by thread 1.
  112. 00:00:01.572: DllMain(0x5D520000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\COMCTL32.DLL" returned 1 (0x1) by thread 1.
  113. 00:00:01.593: LoadLibraryW("comctl32.dll") returned 0x5D520000 by thread 1.
  114. 00:00:01.653: GetProcAddress(0x5D520000 [c:\windows\system32\COMCTL32.DLL], "InitCommonControlsEx") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA2687E and returned 0x5D523619 by thread 1.
  115. 00:00:01.673: DllMain(0x7C9C0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SHELL32.DLL" returned 1 (0x1) by thread 1.
  116. 00:00:01.713: DllMain(0x76B20000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\WINMM.DLL" called by thread 1.
  117. 00:00:01.713: DllMain(0x76B20000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\WINMM.DLL" returned 1 (0x1) by thread 1.
  118. 00:00:01.753: DllMain(0x774D0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\OLE32.DLL" called by thread 1.
  119. 00:00:01.753: DllMain(0x774D0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\OLE32.DLL" returned 1 (0x1) by thread 1.
  120. 00:00:01.793: DllMain(0x769A0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\USERENV.DLL" called by thread 1.
  121. 00:00:01.793: DllMain(0x769A0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\USERENV.DLL" returned 1 (0x1) by thread 1.
  122. 00:00:01.823: DllMain(0x72F90000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\WINSPOOL.DRV" called by thread 1.
  123. 00:00:01.823: DllMain(0x72F90000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\WINSPOOL.DRV" returned 1 (0x1) by thread 1.
  124. 00:00:01.863: DllMain(0x77110000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\OLEAUT32.DLL" called by thread 1.
  125. 00:00:01.863: DllMain(0x77110000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\OLEAUT32.DLL" returned 1 (0x1) by thread 1.
  126. 00:00:01.903: DllMain(0x77BD0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\MSACM32.DLL" called by thread 1.
  127. 00:00:01.903: DllMain(0x77BD0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\MSACM32.DLL" returned 1 (0x1) by thread 1.
  128. 00:00:01.933: DllMain(0x77BF0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\VERSION.DLL" called by thread 1.
  129. 00:00:01.943: DllMain(0x77BF0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\VERSION.DLL" returned 1 (0x1) by thread 1.
  130. 00:00:01.993: DllMain(0x5B1D0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\UXTHEME.DLL" called by thread 1.
  131. 00:00:01.993: DllMain(0x5B1D0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\UXTHEME.DLL" returned 1 (0x1) by thread 1.
  132. 00:00:02.013: LoadLibraryA("Secur32.dll") called from "c:\windows\system32\ADVAPI32.DLL" at address 0x77DD5419 by thread 1.
  133. 00:00:02.033: LoadLibraryA("Secur32.dll") returned 0x77FE0000 by thread 1.
  134. 00:00:02.083: GetProcAddress(0x77FE0000 [c:\windows\system32\SECUR32.DLL], "GetUserNameExW") called from "c:\windows\system32\ADVAPI32.DLL" at address 0x77DD546E and returned 0x77FE1C70 by thread 1.
  135. 00:00:02.103: LoadLibraryA("USERENV.dll") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9FFB27 by thread 1.
  136. 00:00:02.123: LoadLibraryA("USERENV.dll") returned 0x769A0000 by thread 1.
  137. 00:00:02.173: GetProcAddress(0x769A0000 [c:\windows\system32\USERENV.DLL], "GetUserProfileDirectoryW") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9FFADE and returned 0x769A6357 by thread 1.
  138. 00:00:02.213: GetProcAddress(0x769A0000 [c:\windows\system32\USERENV.DLL], "GetAllUsersProfileDirectoryW") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9FFADE and returned 0x769A66A1 by thread 1.
  139. 00:00:02.263: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "IsProcessorFeaturePresent") called from "c:\windows\WELCOME.EXE" at address 0x0040766B and returned 0x7C80AEBA by thread 1.
  140. 00:00:02.314: DllMain(0x5D520000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\COMCTL32.DLL" called by thread 1.
  141. 00:00:02.334: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ReleaseActCtx") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D58F1F2 and returned 0x7C8130EF by thread 1.
  142. 00:00:02.354: DllMain(0x5D520000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\COMCTL32.DLL" returned 1 (0x1) by thread 1.
  143. 00:00:02.394: DllMain(0x773C0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" called by thread 1.
  144. 00:00:02.414: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ReleaseActCtx") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B616 and returned 0x7C8130EF by thread 1.
  145. 00:00:02.434: DllMain(0x773C0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" returned 1 (0x1) by thread 1.
  146. 00:00:02.474: DllMain(0x59410000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\apppatch\ACGENRAL.DLL" called by thread 1.
  147. 00:00:02.474: DllMain(0x59410000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\apppatch\ACGENRAL.DLL" returned 1 (0x1) by thread 1.
  148. 00:00:02.514: DllMain(0x5B1D0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\UXTHEME.DLL" called by thread 1.
  149. 00:00:02.514: DllMain(0x5B1D0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\UXTHEME.DLL" returned 1 (0x1) by thread 1.
  150. 00:00:02.554: DllMain(0x77BF0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\VERSION.DLL" called by thread 1.
  151. 00:00:02.554: DllMain(0x77BF0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\VERSION.DLL" returned 1 (0x1) by thread 1.
  152. 00:00:02.584: DllMain(0x77BD0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\MSACM32.DLL" called by thread 1.
  153. 00:00:02.594: DllMain(0x77BD0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\MSACM32.DLL" returned 1 (0x1) by thread 1.
  154. 00:00:02.624: DllMain(0x77110000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\OLEAUT32.DLL" called by thread 1.
  155. 00:00:02.624: DllMain(0x77110000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\OLEAUT32.DLL" returned 1 (0x1) by thread 1.
  156. 00:00:02.664: DllMain(0x71620000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\apppatch\ACLAYERS.DLL" called by thread 1.
  157. 00:00:02.664: DllMain(0x71620000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\apppatch\ACLAYERS.DLL" returned 1 (0x1) by thread 1.
  158. 00:00:02.704: DllMain(0x72F90000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\WINSPOOL.DRV" called by thread 1.
  159. 00:00:02.704: DllMain(0x72F90000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\WINSPOOL.DRV" returned 1 (0x1) by thread 1.
  160. 00:00:02.744: DllMain(0x769A0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\USERENV.DLL" called by thread 1.
  161. 00:00:02.744: DllMain(0x769A0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\USERENV.DLL" returned 1 (0x1) by thread 1.
  162. 00:00:02.774: DllMain(0x774D0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\OLE32.DLL" called by thread 1.
  163. 00:00:02.784: DllMain(0x774D0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\OLE32.DLL" returned 1 (0x1) by thread 1.
  164. 00:00:02.824: DllMain(0x76B20000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\WINMM.DLL" called by thread 1.
  165. 00:00:02.824: DllMain(0x76B20000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\WINMM.DLL" returned 1 (0x1) by thread 1.
  166. 00:00:02.864: DllMain(0x7C9C0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SHELL32.DLL" called by thread 1.
  167. 00:00:02.884: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ReleaseActCtx") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA29F3B and returned 0x7C8130EF by thread 1.
  168. 00:00:02.904: DllMain(0x7C9C0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SHELL32.DLL" returned 1 (0x1) by thread 1.
  169. 00:00:02.934: DllMain(0x77F60000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SHLWAPI.DLL" called by thread 1.
  170. 00:00:02.934: DllMain(0x77F60000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SHLWAPI.DLL" returned 1 (0x1) by thread 1.
  171. 00:00:02.974: DllMain(0x77C00000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\MSVCRT.DLL" called by thread 1.
  172. 00:00:02.974: DllMain(0x77C00000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\MSVCRT.DLL" returned 1 (0x1) by thread 1.
  173. 00:00:03.015: DllMain(0x77DC0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\ADVAPI32.DLL" called by thread 1.
  174. 00:00:03.015: DllMain(0x77DC0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\ADVAPI32.DLL" returned 1 (0x1) by thread 1.
  175. 00:00:03.065: DllMain(0x77E70000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\RPCRT4.DLL" called by thread 1.
  176. 00:00:03.065: DllMain(0x77E70000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\RPCRT4.DLL" returned 1 (0x1) by thread 1.
  177. 00:00:03.095: DllMain(0x77FE0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SECUR32.DLL" called by thread 1.
  178. 00:00:03.105: DllMain(0x77FE0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SECUR32.DLL" returned 1 (0x1) by thread 1.
  179. 00:00:03.135: DllMain(0x7E360000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\USER32.DLL" called by thread 1.
  180. 00:00:03.135: DllMain(0x7E360000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\USER32.DLL" returned 1 (0x1) by thread 1.
  181. 00:00:03.175: DllMain(0x77F10000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\GDI32.DLL" called by thread 1.
  182. 00:00:03.175: DllMain(0x77F10000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\GDI32.DLL" returned 1 (0x1) by thread 1.
  183. 00:00:03.215: DllMain(0x08370000, DLL_PROCESS_DETACH, 0x00000001) in "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" called by thread 1.
  184. 00:00:03.235: DllMain(0x08370000, DLL_PROCESS_DETACH, 0x00000001) in "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" returned 1 (0x1) by thread 1.
  185. 00:00:03.275: DllMain(0x7C800000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\KERNEL32.DLL" called by thread 1.
  186. 00:00:03.275: DllMain(0x7C800000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\KERNEL32.DLL" returned 1 (0x1) by thread 1.
  187. 00:00:03.315: DllMain(0x7C900000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\NTDLL.DLL" called by thread 1.
  188. 00:00:03.315: DllMain(0x7C900000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\NTDLL.DLL" returned 1 (0x1) by thread 1.
  189. 00:00:03.335: Thread 1 exited with code 0 (0x0).
  190. 00:00:03.355: Thread 2 started in "c:\windows\system32\KERNEL32.DLL" at address 0x7C8106E9.
  191. 00:00:03.375: Exited "c:\windows\WELCOME.EXE" (process 0x7BC) with code 0 (0x0) by thread 2.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!