Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- --------------------------------------------------------------------------------
- Starting profile on 2015-02-25 at 13:45:29
- Operating System: Microsoft Windows XP Professional (32-bit), version 5.01.2600 Dodatek Service Pack 3
- Program Executable: c:\windows\WELCOME.EXE
- Program Arguments:
- Starting Directory: C:\WINDOWS\
- Search Path: C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
- Options Selected:
- Simulate ShellExecute by inserting any App Paths directories into the PATH environment variable.
- Log DllMain calls for process attach and process detach messages.
- Log DllMain calls for all other messages, including thread attach and thread detach.
- Hook the process to gather more detailed dependency information.
- Log LoadLibrary function calls.
- Log GetProcAddress function calls.
- Log thread information.
- Use simple thread numbers instead of actual thread IDs.
- Log first chance exceptions.
- Log debug output messages.
- Use full paths when logging file names.
- Log a time stamp with each line of log.
- Automatically open and profile child processes.
- --------------------------------------------------------------------------------
- 00:00:00.000: Started "c:\windows\WELCOME.EXE" (process 0xE4) at address 0x00400000 by thread 1. Successfully hooked module.
- 00:00:00.000: Loaded "c:\windows\system32\NTDLL.DLL" at address 0x7C900000 by thread 1. Successfully hooked module.
- 00:00:00.060: Loaded "c:\windows\system32\KERNEL32.DLL" at address 0x7C800000 by thread 1. Successfully hooked module.
- 00:00:00.060: DllMain(0x7C900000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\NTDLL.DLL" called by thread 1.
- 00:00:00.060: DllMain(0x7C900000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\NTDLL.DLL" returned 1 (0x1) by thread 1.
- 00:00:00.060: DllMain(0x7C800000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\KERNEL32.DLL" called by thread 1.
- 00:00:00.060: DllMain(0x7C800000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\KERNEL32.DLL" returned 1 (0x1) by thread 1.
- 00:00:00.130: Injected "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" at address 0x08370000 by thread 1.
- 00:00:00.170: DllMain(0x08370000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" called by thread 1.
- 00:00:00.220: DllMain(0x08370000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" returned 1 (0x1) by thread 1.
- 00:00:00.260: Loaded "c:\windows\system32\USER32.DLL" at address 0x7E360000 by thread 1. Successfully hooked module.
- 00:00:00.270: Loaded "c:\windows\system32\GDI32.DLL" at address 0x77F10000 by thread 1. Successfully hooked module.
- 00:00:00.290: Loaded "c:\windows\system32\ADVAPI32.DLL" at address 0x77DC0000 by thread 1. Successfully hooked module.
- 00:00:00.310: Loaded "c:\windows\system32\RPCRT4.DLL" at address 0x77E70000 by thread 1. Successfully hooked module.
- 00:00:00.320: Loaded "c:\windows\system32\SECUR32.DLL" at address 0x77FE0000 by thread 1. Successfully hooked module.
- 00:00:00.350: Loaded "c:\windows\system32\SHELL32.DLL" at address 0x7C9C0000 by thread 1. Successfully hooked module.
- 00:00:00.370: Loaded "c:\windows\system32\MSVCRT.DLL" at address 0x77C00000 by thread 1. Successfully hooked module.
- 00:00:00.400: Loaded "c:\windows\system32\SHLWAPI.DLL" at address 0x77F60000 by thread 1. Successfully hooked module.
- 00:00:00.420: Loaded "c:\windows\system32\WINMM.DLL" at address 0x76B20000 by thread 1. Successfully hooked module.
- 00:00:00.420: Entrypoint reached. All implicit modules have been loaded.
- 00:00:00.430: Loaded "c:\windows\system32\SHIMENG.DLL" at address 0x5CFE0000 by thread 1. Successfully hooked module.
- 00:00:00.490: Loaded "c:\windows\apppatch\ACLAYERS.DLL" at address 0x71620000 by thread 1. Successfully hooked module.
- 00:00:00.560: Loaded "c:\windows\system32\OLE32.DLL" at address 0x774D0000 by thread 1. Successfully hooked module.
- 00:00:00.580: Loaded "c:\windows\system32\USERENV.DLL" at address 0x769A0000 by thread 1. Successfully hooked module.
- 00:00:00.600: Loaded "c:\windows\system32\WINSPOOL.DRV" at address 0x72F90000 by thread 1. Successfully hooked module.
- 00:00:00.610: DllMain(0x71620000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\apppatch\ACLAYERS.DLL" called by thread 1.
- 00:00:00.610: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "InitializeCriticalSectionAndSpinCount") called from "c:\windows\apppatch\ACLAYERS.DLL" at address 0x71661BE1 and returned 0x7C80B8B9 by thread 1.
- 00:00:00.620: DllMain(0x71620000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\apppatch\ACLAYERS.DLL" returned 1 (0x1) by thread 1.
- 00:00:00.641: Loaded "c:\windows\apppatch\ACGENRAL.DLL" at address 0x59410000 by thread 1. Successfully hooked module.
- 00:00:00.891: Loaded "c:\windows\system32\OLEAUT32.DLL" at address 0x77110000 by thread 1. Successfully hooked module.
- 00:00:00.931: Loaded "c:\windows\system32\MSACM32.DLL" at address 0x77BD0000 by thread 1. Successfully hooked module.
- 00:00:00.951: Loaded "c:\windows\system32\VERSION.DLL" at address 0x77BF0000 by thread 1. Successfully hooked module.
- 00:00:00.991: Loaded "c:\windows\system32\UXTHEME.DLL" at address 0x5B1D0000 by thread 1. Successfully hooked module.
- 00:00:00.991: DllMain(0x59410000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\apppatch\ACGENRAL.DLL" called by thread 1.
- 00:00:01.011: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "InitializeCriticalSectionAndSpinCount") called from "c:\windows\apppatch\ACGENRAL.DLL" at address 0x5943CFF5 and returned 0x7C80B8B9 by thread 1.
- 00:00:01.031: DllMain(0x59410000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\apppatch\ACGENRAL.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.051: GetProcAddress(0x7C900000 [c:\windows\system32\NTDLL.DLL], "RtlAddVectoredExceptionHandler") called from "c:\windows\apppatch\ACLAYERS.DLL" at address 0x71646497 and returned 0x7C936BFA by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "SetDllDirectoryW") called from "c:\windows\apppatch\ACGENRAL.DLL" at address 0x5942B031 and returned 0x7C85FBB8 by thread 1.
- 00:00:01.071: DllMain(0x77F10000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\GDI32.DLL" called by thread 1.
- 00:00:01.071: DllMain(0x77F10000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\GDI32.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.071: DllMain(0x7E360000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\USER32.DLL" called by thread 1.
- 00:00:01.071: DllMain(0x7E360000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\USER32.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.071: DllMain(0x77FE0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SECUR32.DLL" called by thread 1.
- 00:00:01.071: DllMain(0x77FE0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SECUR32.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.071: DllMain(0x77E70000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\RPCRT4.DLL" called by thread 1.
- 00:00:01.071: DllMain(0x77E70000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\RPCRT4.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.071: DllMain(0x77DC0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\ADVAPI32.DLL" called by thread 1.
- 00:00:01.071: DllMain(0x77DC0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\ADVAPI32.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.071: DllMain(0x77C00000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\MSVCRT.DLL" called by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "InitializeCriticalSectionAndSpinCount") called from "c:\windows\system32\MSVCRT.DLL" at address 0x77C279C2 and returned 0x7C80B8B9 by thread 1.
- 00:00:01.071: DllMain(0x77C00000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\MSVCRT.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.071: DllMain(0x77F60000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SHLWAPI.DLL" called by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateTimerQueue") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65CE9 and returned 0x7C82BFCE by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeleteTimerQueue") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65CF8 and returned 0x7C863DCB by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateTimerQueueTimer") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65D07 and returned 0x7C821165 by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ChangeTimerQueueTimer") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65D17 and returned 0x7C8127B3 by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeleteTimerQueueTimer") called from "c:\windows\system32\SHLWAPI.DLL" at address 0x77F65D25 and returned 0x7C821118 by thread 1.
- 00:00:01.071: DllMain(0x77F60000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SHLWAPI.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.071: DllMain(0x7C9C0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SHELL32.DLL" called by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateActCtxW") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA26B06 and returned 0x7C8154EC by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ActivateActCtx") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9E7679 and returned 0x7C80A6D4 by thread 1.
- 00:00:01.071: LoadLibraryW("comctl32.dll") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA26740 by thread 1.
- 00:00:01.071: Loaded "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x773C0000 by thread 1. Successfully hooked module.
- 00:00:01.071: DllMain(0x773C0000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" called by thread 1.
- 00:00:01.071: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "GetSystemWindowsDirectoryW") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B749 and returned 0x7C80ADB9 by thread 1.
- 00:00:01.111: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateActCtxW") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B5CC and returned 0x7C8154EC by thread 1.
- 00:00:01.151: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ActivateActCtx") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B65E and returned 0x7C80A6D4 by thread 1.
- 00:00:01.191: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeactivateActCtx") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B6B4 and returned 0x7C80A705 by thread 1.
- 00:00:01.211: DllMain(0x773C0000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.231: LoadLibraryW("comctl32.dll") returned 0x773C0000 by thread 1.
- 00:00:01.322: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeactivateActCtx") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9E76E4 and returned 0x7C80A705 by thread 1.
- 00:00:01.352: LoadLibraryW("comctl32.dll") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA2686E by thread 1.
- 00:00:01.402: Loaded "c:\windows\system32\COMCTL32.DLL" at address 0x5D520000 by thread 1. Successfully hooked module.
- 00:00:01.422: DllMain(0x5D520000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\COMCTL32.DLL" called by thread 1.
- 00:00:01.442: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "InitializeCriticalSectionAndSpinCount") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D525338 and returned 0x7C80B8B9 by thread 1.
- 00:00:01.482: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "CreateActCtxW") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D58F198 and returned 0x7C8154EC by thread 1.
- 00:00:01.512: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ProcessIdToSessionId") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D5254D8 and returned 0x7C813019 by thread 1.
- 00:00:01.552: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "GetSystemMetrics") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D5255CE and returned 0x7E368F9C by thread 1.
- 00:00:01.582: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "MonitorFromWindow") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D5255E3 and returned 0x7E37A679 by thread 1.
- 00:00:01.622: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "MonitorFromRect") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D5255F8 and returned 0x7E37C713 by thread 1.
- 00:00:01.652: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "MonitorFromPoint") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D52560D and returned 0x7E37ABF5 by thread 1.
- 00:00:01.692: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "EnumDisplayMonitors") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D525622 and returned 0x7E37A77B by thread 1.
- 00:00:01.732: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "EnumDisplayDevicesW") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D525637 and returned 0x7E36E03C by thread 1.
- 00:00:01.772: GetProcAddress(0x7E360000 [c:\windows\system32\USER32.DLL], "GetMonitorInfoW") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D525654 and returned 0x7E37A6D9 by thread 1.
- 00:00:01.812: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ActivateActCtx") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D58F24A and returned 0x7C80A6D4 by thread 1.
- 00:00:01.842: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "DeactivateActCtx") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D58F2AF and returned 0x7C80A705 by thread 1.
- 00:00:01.862: DllMain(0x5D520000, DLL_PROCESS_ATTACH, 0x00000000) in "c:\windows\system32\COMCTL32.DLL" returned 1 (0x1) by thread 1.
- 00:00:01.882: LoadLibraryW("comctl32.dll") returned 0x5D520000 by thread 1.
- 00:00:01.952: GetProcAddress(0x5D520000 [c:\windows\system32\COMCTL32.DLL], "InitCommonControlsEx") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA2687E and returned 0x5D523619 by thread 1.
- 00:00:01.972: DllMain(0x7C9C0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\SHELL32.DLL" returned 1 (0x1) by thread 1.
- 00:00:02.002: DllMain(0x76B20000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\WINMM.DLL" called by thread 1.
- 00:00:02.002: DllMain(0x76B20000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\WINMM.DLL" returned 1 (0x1) by thread 1.
- 00:00:02.043: DllMain(0x774D0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\OLE32.DLL" called by thread 1.
- 00:00:02.043: DllMain(0x774D0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\OLE32.DLL" returned 1 (0x1) by thread 1.
- 00:00:02.083: DllMain(0x769A0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\USERENV.DLL" called by thread 1.
- 00:00:02.083: DllMain(0x769A0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\USERENV.DLL" returned 1 (0x1) by thread 1.
- 00:00:02.123: DllMain(0x72F90000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\WINSPOOL.DRV" called by thread 1.
- 00:00:02.123: DllMain(0x72F90000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\WINSPOOL.DRV" returned 1 (0x1) by thread 1.
- 00:00:02.173: DllMain(0x77110000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\OLEAUT32.DLL" called by thread 1.
- 00:00:02.173: DllMain(0x77110000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\OLEAUT32.DLL" returned 1 (0x1) by thread 1.
- 00:00:02.203: DllMain(0x77BD0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\MSACM32.DLL" called by thread 1.
- 00:00:02.213: DllMain(0x77BD0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\MSACM32.DLL" returned 1 (0x1) by thread 1.
- 00:00:02.243: DllMain(0x77BF0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\VERSION.DLL" called by thread 1.
- 00:00:02.243: DllMain(0x77BF0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\VERSION.DLL" returned 1 (0x1) by thread 1.
- 00:00:02.283: DllMain(0x5B1D0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\UXTHEME.DLL" called by thread 1.
- 00:00:02.283: DllMain(0x5B1D0000, DLL_PROCESS_ATTACH, 0x0013FD30) in "c:\windows\system32\UXTHEME.DLL" returned 1 (0x1) by thread 1.
- 00:00:02.303: LoadLibraryA("Secur32.dll") called from "c:\windows\system32\ADVAPI32.DLL" at address 0x77DD5419 by thread 1.
- 00:00:02.323: LoadLibraryA("Secur32.dll") returned 0x77FE0000 by thread 1.
- 00:00:02.383: GetProcAddress(0x77FE0000 [c:\windows\system32\SECUR32.DLL], "GetUserNameExW") called from "c:\windows\system32\ADVAPI32.DLL" at address 0x77DD546E and returned 0x77FE1C70 by thread 1.
- 00:00:02.393: LoadLibraryA("USERENV.dll") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9FFB27 by thread 1.
- 00:00:02.413: LoadLibraryA("USERENV.dll") returned 0x769A0000 by thread 1.
- 00:00:02.473: GetProcAddress(0x769A0000 [c:\windows\system32\USERENV.DLL], "GetUserProfileDirectoryW") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9FFADE and returned 0x769A6357 by thread 1.
- 00:00:02.513: GetProcAddress(0x769A0000 [c:\windows\system32\USERENV.DLL], "GetAllUsersProfileDirectoryW") called from "c:\windows\system32\SHELL32.DLL" at address 0x7C9FFADE and returned 0x769A66A1 by thread 1.
- 00:00:02.573: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "IsProcessorFeaturePresent") called from "c:\windows\WELCOME.EXE" at address 0x0040766B and returned 0x7C80AEBA by thread 1.
- 00:00:02.613: LoadLibraryExW("C:\WINDOWS\system32\uxtheme.dll", 0x00000000, LOAD_WITH_ALTERED_SEARCH_PATH) called from "c:\windows\system32\USER32.DLL" at address 0x7E378055 by thread 1.
- 00:00:02.643: LoadLibraryExW("C:\WINDOWS\system32\uxtheme.dll", 0x00000000, LOAD_WITH_ALTERED_SEARCH_PATH) returned 0x5B1D0000 by thread 1.
- 00:00:02.663: LoadLibraryW("uxtheme.dll") called from "c:\windows\system32\UXTHEME.DLL" at address 0x5B1DA1EC by thread 1.
- 00:00:02.693: LoadLibraryW("uxtheme.dll") returned 0x5B1D0000 by thread 1.
- 00:00:02.724: Thread 2 started in "c:\windows\system32\KERNEL32.DLL" at address 0x7C8106E9.
- 00:00:02.774: DllMain(0x7C900000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\NTDLL.DLL" called by thread 2.
- 00:00:02.774: DllMain(0x7C900000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\NTDLL.DLL" returned 1 (0x1) by thread 2.
- 00:00:02.814: DllMain(0x7C800000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\KERNEL32.DLL" called by thread 2.
- 00:00:02.814: DllMain(0x7C800000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\KERNEL32.DLL" returned 1 (0x1) by thread 2.
- 00:00:02.834: DllMain(0x77DC0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\ADVAPI32.DLL" called by thread 2.
- 00:00:02.834: DllMain(0x77DC0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\ADVAPI32.DLL" returned 17890305 (0x110FC01) by thread 2.
- 00:00:02.874: DllMain(0x77E70000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\RPCRT4.DLL" called by thread 2.
- 00:00:02.874: DllMain(0x77E70000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\RPCRT4.DLL" returned 4294967041 (0xFFFFFF01) by thread 2.
- 00:00:02.914: DllMain(0x7C9C0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\SHELL32.DLL" called by thread 2.
- 00:00:02.914: DllMain(0x7C9C0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\SHELL32.DLL" returned 1 (0x1) by thread 2.
- 00:00:02.954: DllMain(0x77C00000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\MSVCRT.DLL" called by thread 2.
- 00:00:02.954: DllMain(0x77C00000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\MSVCRT.DLL" returned 1 (0x1) by thread 2.
- 00:00:02.994: DllMain(0x71620000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\apppatch\ACLAYERS.DLL" called by thread 2.
- 00:00:02.994: DllMain(0x71620000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\apppatch\ACLAYERS.DLL" returned 1 (0x1) by thread 2.
- 00:00:03.054: DllMain(0x774D0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\OLE32.DLL" called by thread 2.
- 00:00:03.054: DllMain(0x774D0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\OLE32.DLL" returned 1 (0x1) by thread 2.
- 00:00:03.094: DllMain(0x59410000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\apppatch\ACGENRAL.DLL" called by thread 2.
- 00:00:03.094: DllMain(0x59410000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\apppatch\ACGENRAL.DLL" returned 1 (0x1) by thread 2.
- 00:00:03.134: DllMain(0x77110000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\OLEAUT32.DLL" called by thread 2.
- 00:00:03.134: DllMain(0x77110000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\OLEAUT32.DLL" returned 1 (0x1) by thread 2.
- 00:00:03.174: DllMain(0x77BD0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\MSACM32.DLL" called by thread 2.
- 00:00:03.174: DllMain(0x77BD0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\MSACM32.DLL" returned 1 (0x1) by thread 2.
- 00:00:03.214: DllMain(0x77BF0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\VERSION.DLL" called by thread 2.
- 00:00:03.214: DllMain(0x77BF0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\VERSION.DLL" returned 1 (0x1) by thread 2.
- 00:00:03.254: DllMain(0x5B1D0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\UXTHEME.DLL" called by thread 2.
- 00:00:03.254: DllMain(0x5B1D0000, DLL_THREAD_ATTACH, 0x00000000) in "c:\windows\system32\UXTHEME.DLL" returned 1 (0x1) by thread 2.
- 00:00:03.264: LoadLibraryExW("C:\WINDOWS\system32\uxtheme.dll", 0x00000000, LOAD_WITH_ALTERED_SEARCH_PATH) called from "c:\windows\system32\USER32.DLL" at address 0x7E378055 by thread 1.
- 00:00:03.284: LoadLibraryExW("C:\WINDOWS\system32\uxtheme.dll", 0x00000000, LOAD_WITH_ALTERED_SEARCH_PATH) returned 0x5B1D0000 by thread 1.
- 00:00:03.304: LoadLibraryExW("C:\WINDOWS\system32\uxtheme.dll", 0x00000000, LOAD_WITH_ALTERED_SEARCH_PATH) called from "c:\windows\system32\USER32.DLL" at address 0x7E378055 by thread 1.
- 00:00:03.324: LoadLibraryExW("C:\WINDOWS\system32\uxtheme.dll", 0x00000000, LOAD_WITH_ALTERED_SEARCH_PATH) returned 0x5B1D0000 by thread 1.
- 00:00:03.344: LoadLibraryExW("C:\WINDOWS\system32\uxtheme.dll", 0x00000000, LOAD_WITH_ALTERED_SEARCH_PATH) called from "c:\windows\system32\USER32.DLL" at address 0x7E378055 by thread 1.
- 00:00:03.364: LoadLibraryExW("C:\WINDOWS\system32\uxtheme.dll", 0x00000000, LOAD_WITH_ALTERED_SEARCH_PATH) returned 0x5B1D0000 by thread 1.
- 00:00:03.404: DllMain(0x5D520000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\COMCTL32.DLL" called by thread 1.
- 00:00:03.425: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ReleaseActCtx") called from "c:\windows\system32\COMCTL32.DLL" at address 0x5D58F1F2 and returned 0x7C8130EF by thread 1.
- 00:00:03.445: DllMain(0x5D520000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\COMCTL32.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.485: DllMain(0x773C0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" called by thread 1.
- 00:00:03.515: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ReleaseActCtx") called from "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" at address 0x7744B616 and returned 0x7C8130EF by thread 1.
- 00:00:03.535: DllMain(0x773C0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.575: DllMain(0x59410000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\apppatch\ACGENRAL.DLL" called by thread 1.
- 00:00:03.575: DllMain(0x59410000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\apppatch\ACGENRAL.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.615: DllMain(0x5B1D0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\UXTHEME.DLL" called by thread 1.
- 00:00:03.615: DllMain(0x5B1D0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\UXTHEME.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.655: DllMain(0x77BF0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\VERSION.DLL" called by thread 1.
- 00:00:03.655: DllMain(0x77BF0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\VERSION.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.695: DllMain(0x77BD0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\MSACM32.DLL" called by thread 1.
- 00:00:03.695: DllMain(0x77BD0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\MSACM32.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.735: DllMain(0x77110000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\OLEAUT32.DLL" called by thread 1.
- 00:00:03.735: DllMain(0x77110000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\OLEAUT32.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.795: DllMain(0x71620000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\apppatch\ACLAYERS.DLL" called by thread 1.
- 00:00:03.795: DllMain(0x71620000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\apppatch\ACLAYERS.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.835: DllMain(0x72F90000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\WINSPOOL.DRV" called by thread 1.
- 00:00:03.835: DllMain(0x72F90000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\WINSPOOL.DRV" returned 1 (0x1) by thread 1.
- 00:00:03.875: DllMain(0x769A0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\USERENV.DLL" called by thread 1.
- 00:00:03.875: DllMain(0x769A0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\USERENV.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.915: DllMain(0x774D0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\OLE32.DLL" called by thread 1.
- 00:00:03.915: DllMain(0x774D0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\OLE32.DLL" returned 1 (0x1) by thread 1.
- 00:00:03.955: DllMain(0x76B20000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\WINMM.DLL" called by thread 1.
- 00:00:03.965: DllMain(0x76B20000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\WINMM.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.005: DllMain(0x7C9C0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SHELL32.DLL" called by thread 1.
- 00:00:04.025: GetProcAddress(0x7C800000 [c:\windows\system32\KERNEL32.DLL], "ReleaseActCtx") called from "c:\windows\system32\SHELL32.DLL" at address 0x7CA29F3B and returned 0x7C8130EF by thread 1.
- 00:00:04.045: DllMain(0x7C9C0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SHELL32.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.085: DllMain(0x77F60000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SHLWAPI.DLL" called by thread 1.
- 00:00:04.085: DllMain(0x77F60000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SHLWAPI.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.126: DllMain(0x77C00000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\MSVCRT.DLL" called by thread 1.
- 00:00:04.126: DllMain(0x77C00000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\MSVCRT.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.166: DllMain(0x77DC0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\ADVAPI32.DLL" called by thread 1.
- 00:00:04.166: DllMain(0x77DC0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\ADVAPI32.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.206: DllMain(0x77E70000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\RPCRT4.DLL" called by thread 1.
- 00:00:04.216: DllMain(0x77E70000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\RPCRT4.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.256: DllMain(0x77FE0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SECUR32.DLL" called by thread 1.
- 00:00:04.256: DllMain(0x77FE0000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\SECUR32.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.296: DllMain(0x7E360000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\USER32.DLL" called by thread 1.
- 00:00:04.296: DllMain(0x7E360000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\USER32.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.336: DllMain(0x77F10000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\GDI32.DLL" called by thread 1.
- 00:00:04.336: DllMain(0x77F10000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\GDI32.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.376: DllMain(0x08370000, DLL_PROCESS_DETACH, 0x00000001) in "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" called by thread 1.
- 00:00:04.396: DllMain(0x08370000, DLL_PROCESS_DETACH, 0x00000001) in "c:\documents and settings\fluttie\pulpit\DEPENDS.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.446: DllMain(0x7C800000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\KERNEL32.DLL" called by thread 1.
- 00:00:04.446: DllMain(0x7C800000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\KERNEL32.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.486: DllMain(0x7C900000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\NTDLL.DLL" called by thread 1.
- 00:00:04.486: DllMain(0x7C900000, DLL_PROCESS_DETACH, 0x00000001) in "c:\windows\system32\NTDLL.DLL" returned 1 (0x1) by thread 1.
- 00:00:04.516: Thread 1 exited with code 0 (0x0).
- 00:00:04.536: Exited "c:\windows\WELCOME.EXE" (process 0xE4) with code 0 (0x0) by thread 2.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement