Trainer V4.exe Up

[
0:07b0] :LAUNCHER: START

[
0:07b0] :LAUNCHER: real entry point 0x4cce80, module base 0x400000
[
0:07b0] :LAUNCHER: Running on WindowsXP Service Pack 3
[
0:07b0] :LAUNCHER: VERSION 2.5.13.2201 PRO
[
0:07b0] :BOXMAN: Initializing...
[
0:07b0] :BOXMAN: Executable: TRAINER V4.EXE 'C:\DOCUMENTS AND SETTINGS\CAB
INA9\MIS DOCUMENTOS\DOWNLOADS\TRAINER V4\TRAINER V4.EXE'
[
0:07b0] :BOXMAN: Loading package C:\DOCUMENTS AND SETTINGS\CABINA9\MIS DOC
UMENTOS\DOWNLOADS\TRAINER V4\TRAINER V4.EXE
[
0:07b0] :BOXMAN: *SELFEXECUTABLE* 0x0006df60:05702719:0x33:'TRAINER V4.EXE
'
[
1:07b0] :BOXMAN: Content (0 items) verified
[
1:07b0] :BOXMAN: Package C:\DOCUMENTS AND SETTINGS\CABINA9\MIS DOCUMENTOS\
DOWNLOADS\TRAINER V4\TRAINER V4.EXE loaded successful
[
1:07b0] :BOXMAN: packages pattern defined as ''
[
1:07b0] :BOX/CATALOG: TRAINER V4.EXE (C:\DOCUMENTS AND SETTINGS\CABINA9\MI
S DOCUMENTOS\DOWNLOADS\TRAINER V4\TRAINER V4.EXE)
[
1:07b0] :BOXMAN: Initialized successful
[
1:07b0] :WRAPPER: initialize wrappers
[
1:07b0] :WRAPPER:
kernel32.dll
SetUnhandledExceptionFilter = 0x7c
8449fd/0x004f9150
[
1:07b0] :WRAPPER:
kernel32.dll
CreateFileA = 0x7c
801a28/0x004fa930
[
1:07b0] :WRAPPER:
kernel32.dll
CreateFileW = 0x7c
8107f0/0x004fa990
[
1:07b0] :WRAPPER:
kernel32.dll
GetFileAttributesA = 0x7c
8115cc/0x004f9f00
[
1:07b0] :WRAPPER:
kernel32.dll
GetFileAttributesW = 0x7c
80b7dc/0x004f9f40
[
1:07b0] :WRAPPER:
kernel32.dll
ReadFile = 0x7c
801812/0x004faac0
[
1:07b0] :WRAPPER:
kernel32.dll
CloseHandle = 0x7c
809bd7/0x004faa90
[
1:07b0] :WRAPPER:
kernel32.dll
SetFilePointer = 0x7c
810c1e/0x004fab40
[
1:07b0] :WRAPPER:
kernel32.dll
GetFileSize = 0x7c
810b07/0x004fa030
[
1:07b0] :WRAPPER:
kernel32.dll
ExitProcess = 0x7c
81cafa/0x004f9600
[
1:07b0] :WRAPPER:
kernel32.dll
CreateFileMappingA = 0x7c
8094ee/0x004fab90
[
1:07b0] :WRAPPER:
kernel32.dll
CreateFileMappingW = 0x7c
809420/0x004fabe0
[
1:07b0] :WRAPPER:
kernel32.dll
MapViewOfFile = 0x7c
80b995/0x004fac30
[
1:07b0] :WRAPPER:
kernel32.dll
UnmapViewOfFile = 0x7c
80ba04/0x004fac80
[
1:07b0] :WRAPPER:
kernel32.dll
FreeLibrary = 0x7c
80ac6e/0x004fa700
[
1:07b0] :WRAPPER:
kernel32.dll
LoadLibraryA = 0x7c
801d7b/0x004fa370
[
1:07b0] :WRAPPER:
kernel32.dll
LoadLibraryW = 0x7c
80aedb/0x004fa470
[
1:07b0] :WRAPPER:
kernel32.dll
LoadLibraryExA = 0x7c
801d53/0x004fa390
[
1:07b0] :WRAPPER:
kernel32.dll
LoadLibraryExW = 0x7c
801af5/0x004fa490
[
1:07b0] :WRAPPER:
kernel32.dll
GetProcAddress = 0x7c
80ae30/0x004fa5c0
[
1:07b0] :WRAPPER:
kernel32.dll
FindFirstFileA = 0x7c
813869/0x004f9990
[
1:07b0] :WRAPPER:
80ef71/0x004f99e0
[
1:07b0] :WRAPPER:
80eb0d/0x004f9b60
[
1:07b0] :WRAPPER:
80ee67/0x004f9cf0
[
1:07b0] :WRAPPER:
834ec9/0x004f9d20
[
1:07b0] :WRAPPER:
80efca/0x004f9d60
[
1:07b0] :WRAPPER:
82196a/0x004facb0
[
1:07b0] :WRAPPER:
85f738/0x004fad70
[
1:07b0] :WRAPPER:
834e7c/0x004fadc0
[
1:07b0] :WRAPPER:
8353e6/0x004fae70
[
1:07b0] :WRAPPER:
83541e/0x004fae20
[
1:07b0] :WRAPPER:
80b731/0x004fa4b0
[
1:07b0] :WRAPPER:
80e4cd/0x004fa4f0
[
1:07b0] :WRAPPER:
80e76c/0x004f9830
[
1:07b0] :WRAPPER:
8217d2/0x004f9790
[
1:07b0] :WRAPPER:
832b6e/0x004fa0c0
[
1:07b0] :WRAPPER:
83644c/0x004fa180
[
1:07b0] :WRAPPER:
832dbf/0x004fa220
[
1:07b0] :WRAPPER:
835f39/0x004fa280
[
1:07b0] :WRAPPER:
810cfd/0x004f9e30
[
1:07b0] :WRAPPER:
832379/0x004f9e70
[
1:07b0] :WRAPPER:
8322d4/0x004f9ec0
[
1:07b0] :WRAPPER:
80b55f/0x004fa070
[
1:07b0] :WRAPPER:
f0a005/0x004fa8b0
[
1:07b0] :WRAPPER:
f09d62/0x004fa8f0
[
1:07b0] :WRAPPER:
3a7c08/0x004fa840
[
3:07b0] :WRAPPER:
4d057e/0x004f84f0
[
3:07b0] :WRAPPER:
4d0526/0x004f88a0
[
3:07b0] :WRAPPER:
4e56c5/0x004f8b20
[
3:07b0] :WRAPPER:
139706/0x004f8dc0
[
3:07b0] :WRAPPER:
kernel32.dll
FindFirstFileW = 0x7c
kernel32.dll
FindFirstFileExW = 0x7c
kernel32.dll
FindClose = 0x7c
kernel32.dll
FindNextFileA = 0x7c
kernel32.dll
FindNextFileW = 0x7c
kernel32.dll
OpenFile = 0x7c
kernel32.dll
_lopen = 0x7c
kernel32.dll
_lclose = 0x7c
kernel32.dll
_lread = 0x7c
kernel32.dll
_llseek = 0x7c
kernel32.dll
GetModuleHandleA = 0x7c
kernel32.dll
GetModuleHandleW = 0x7c
kernel32.dll
SearchPathW = 0x7c
kernel32.dll
SearchPathA = 0x7c
kernel32.dll
GetPrivateProfileStringA = 0x7c
kernel32.dll
GetPrivateProfileIntA = 0x7c
kernel32.dll
GetPrivateProfileSectionNamesA = 0x7c
kernel32.dll
GetPrivateProfileSectionA = 0x7c
kernel32.dll
GetFileInformationByHandle = 0x7c
kernel32.dll
LockFile = 0x7c
kernel32.dll
UnlockFile = 0x7c
kernel32.dll
GetModuleFileNameA = 0x7c
gdi32.dll
AddFontResourceA = 0x77
gdi32.dll
RemoveFontResourceA = 0x77
user32.dll
LoadImageA = 0x7e
ole32.dll
CoCreateInstance = 0x77
ole32.dll
CoCreateInstanceEx = 0x77
ole32.dll
CoGetClassObject = 0x77
oleaut32.dll
GetRecordInfoFromGuids = 0x77
oleaut32.dll
LoadRegTypeLib = 0x77
0f9d5a/0x004f8fe0
[
3:07b0] :LAUNCHER: prepare 3 sections, packbits 0x2
[
3:07b0] :LAUNCHER:SECTION:(encrypted) raw_size: 0x0(0), virtual: 0x1000
[
3:07b0] :LAUNCHER:SECTION:(encrypted & compressed) raw_size: 0x41a00(26880
0), virtual: 0x8b000
[
29:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'KERNEL32.DLL'
[
29:07b0] :LAUNCHER: EXECUTABLE->KERNEL32.DLL TimeDateStamp: 00000000, handl
e 7c800000
[
29:07b0] :WRAPPER:LoadLibrary: KERNEL32.DLL, handle is 7c800000
[
29:07b0] :LAUNCHER:EXECUTABLE:0x004e9624 -> 0x7c801d7b: LoadLibraryA!KERNEL
32.DLL
[
29:07b0] :LAUNCHER:WRAPPER: EXECUTABLE -> KERNEL32.DLL!0x7c801d7b = LoadLib
raryA
[
29:07b0] :LAUNCHER:EXECUTABLE:0x004e9628 -> 0x7c80ae30: GetProcAddress!KERN
EL32.DLL
[
29:07b0] :LAUNCHER:WRAPPER: EXECUTABLE -> KERNEL32.DLL!0x7c80ae30 = GetProc
Address
[
30:07b0] :LAUNCHER:EXECUTABLE:0x004e962c -> 0x7c801ad4: VirtualProtect!KERN
EL32.DLL
[
30:07b0] :LAUNCHER:EXECUTABLE:0x004e9630 -> 0x7c809ae1: VirtualAlloc!KERNEL
32.DLL
[
30:07b0] :LAUNCHER:EXECUTABLE:0x004e9634 -> 0x7c809b74: VirtualFree!KERNEL3
2.DLL
[
30:07b0] :LAUNCHER:EXECUTABLE:0x004e9638 -> 0x7c81cafa: ExitProcess!KERNEL3
2.DLL
[
30:07b0] :LAUNCHER:WRAPPER: EXECUTABLE -> KERNEL32.DLL!0x7c81cafa = ExitPro
cess
[
30:07b0] :LAUNCHER: EXECUTABLE->KERNEL32.DLL Stamped
[
30:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'ADVAPI32.dll'
[
30:07b0] :LAUNCHER: EXECUTABLE->ADVAPI32.dll TimeDateStamp: 00000000, handl
e 77da0000
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c801af5 = LoadL
ibraryExW
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c80eb0d = FindF
irstFileExW
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c80efca = FindN
extFileW
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c801a28 = Creat
eFileA
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c80e4cd = GetMo
duleHandleW
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c809420 = Creat
eFileMappingW
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c8449fd = SetUn
handledExceptionFilter
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c82196a = OpenF
ile
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c810b07 = GetFi
leSize
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c834e7c = _lclo
se
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c80e76c = Searc
hPathW
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c810c1e = SetFi
lePointer
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c80b731 = GetMo
duleHandleA
[
30:07b0] :LAUNCHER:WRAPPER: ADVAPI32.dll -> KERNEL32.dll!0x7c80aedb = LoadL
ibraryW
[
30:07b0] :LAUNCHER:WRAPPER:
ibrary
[
ile
[
ViewOfFile
[
eFileW
[
eFileMappingA
[
ewOfFile
[
ibraryA
[
ocAddress
[
leAttributesW
[
irstFileW
[
lose
[
ileW
[
leFileNameA
[
raryA
[
ewOfFile
[
raryW
[
Address
[
ndle
[
rary
[
ndledExceptionFilter
[
leHandleW
[
andledExceptionFilter
[
braryA
[
uleHandleW
[
PathW
[
FileW
[
andle
[
braryW
[
cAddress
[
ADVAPI32.dll -> KERNEL32.dll!0x7c80ac6e = FreeL

ADVAPI32.dll -> KERNEL32.dll!0x7c801812 = ReadF
ADVAPI32.dll -> KERNEL32.dll!0x7c80ba04 = Unmap
ADVAPI32.dll -> KERNEL32.dll!0x7c8107f0 = Creat
ADVAPI32.dll -> KERNEL32.dll!0x7c8094ee = Creat
ADVAPI32.dll -> KERNEL32.dll!0x7c80b995 = MapVi
ADVAPI32.dll -> KERNEL32.dll!0x7c801d7b = LoadL
ADVAPI32.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
ADVAPI32.dll -> KERNEL32.dll!0x7c80b7dc = GetFi
ADVAPI32.dll -> KERNEL32.dll!0x7c80ef71 = FindF
ADVAPI32.dll -> KERNEL32.dll!0x7c80ee67 = FindC
RPCRT4.dll -> KERNEL32.dll!0x7c8107f0 = CreateF
RPCRT4.dll -> KERNEL32.dll!0x7c80b55f = GetModu
RPCRT4.dll -> KERNEL32.dll!0x7c801d7b = LoadLib
RPCRT4.dll -> KERNEL32.dll!0x7c80ba04 = UnmapVi
RPCRT4.dll -> KERNEL32.dll!0x7c80aedb = LoadLib
RPCRT4.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
RPCRT4.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
RPCRT4.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
RPCRT4.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
RPCRT4.dll -> KERNEL32.dll!0x7c80e4cd = GetModu
Secur32.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
Secur32.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
Secur32.dll -> KERNEL32.dll!0x7c80e4cd = GetMod
Secur32.dll -> KERNEL32.dll!0x7c80e76c = Search
Secur32.dll -> KERNEL32.dll!0x7c8107f0 = Create
Secur32.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
Secur32.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
Secur32.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
Secur32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[
30:07b0] :WRAPPER:LoadLibrary: ADVAPI32.dll, handle is 77da0000
[
30:07b0] :LAUNCHER:EXECUTABLE:0x004e9640 -> 0x77db4c13: GetAce!ADVAPI32.dll
[
30:07b0] :LAUNCHER: EXECUTABLE->ADVAPI32.dll Stamped
[
30:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'COMCTL32.dll'
[
31:07b0] :LAUNCHER: EXECUTABLE->COMCTL32.dll TimeDateStamp: 00000000, handl
e 00000000
[
31:07b0] :WRAPPER:LoadLibrary: COMCTL32.dll
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c80ee67 = FindClo
se
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c813869 = FindFir
stFileA
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c834ec9 = FindNex
tFileA
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c80ef71 = FindFir
stFileW
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c80efca = FindNex
tFileW
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c8115cc = GetFile
AttributesA
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c80b7dc = GetFile
AttributesW
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
ndle
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
Address
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c801d7b = LoadLib
raryA
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
rary
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c80b731 = GetModu
leHandleA
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c80b55f = GetModu
leFileNameA
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c810cfd = GetFile
InformationByHandle
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c832379 = LockFil
e
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c8322d4 = UnlockF
ile
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c810c1e = SetFile
Pointer
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c801a28 = CreateF
ileA
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c801812 = ReadFil
e
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c8107f0 = CreateF
ileW
[
35:07b0] :LAUNCHER:WRAPPER: msvcrt.dll -> KERNEL32.dll!0x7c81cafa = ExitPro
cess
[
36:07b0] :LAUNCHER:WRAPPER: GDI32.dll -> KERNEL32.dll!0x7c80ba04 = UnmapVie
wOfFile
[
36:07b0] :LAUNCHER:WRAPPER: GDI32.dll -> KERNEL32.dll!0x7c8449fd = SetUnhan
dledExceptionFilter
[
36:07b0] :LAUNCHER:WRAPPER: GDI32.dll -> KERNEL32.dll!0x7c801af5 = LoadLibr
aryExW
[
36:07b0] :LAUNCHER:WRAPPER: GDI32.dll -> KERNEL32.dll!0x7c801d7b = LoadLibr
aryA
[
ointer
[
leMappingW
[
ary
[
ddress
[
aryW
[
thW
[
dle
[
leW
[
fFile
[
leHandleW
[
athW
[
raryExW
[
ndle
[
ewOfFile
[
OfFile
[
ileMappingW
[
Size
[
e
[
se
[
tFileW
[
stFileW
[
leFileNameA
[
leHandleA
[
raryA
[
[
Address
[
raryW
[
rary
[
ileW
[
GDI32.dll -> KERNEL32.dll!0x7c810c1e = SetFileP

GDI32.dll -> KERNEL32.dll!0x7c809420 = CreateFi
GDI32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLibr
GDI32.dll -> KERNEL32.dll!0x7c80ae30 = GetProcA
GDI32.dll -> KERNEL32.dll!0x7c80aedb = LoadLibr
GDI32.dll -> KERNEL32.dll!0x7c80e76c = SearchPa
GDI32.dll -> KERNEL32.dll!0x7c809bd7 = CloseHan
GDI32.dll -> KERNEL32.dll!0x7c8107f0 = CreateFi
GDI32.dll -> KERNEL32.dll!0x7c80b995 = MapViewO
USER32.dll -> KERNEL32.dll!0x7c80e4cd = GetModu
USER32.dll -> KERNEL32.dll!0x7c80e76c = SearchP
USER32.dll -> KERNEL32.dll!0x7c801af5 = LoadLib
USER32.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
USER32.dll -> KERNEL32.dll!0x7c80ba04 = UnmapVi
USER32.dll -> KERNEL32.dll!0x7c80b995 = MapView
USER32.dll -> KERNEL32.dll!0x7c809420 = CreateF
USER32.dll -> KERNEL32.dll!0x7c810b07 = GetFile
USER32.dll -> KERNEL32.dll!0x7c801812 = ReadFil
USER32.dll -> KERNEL32.dll!0x7c80ee67 = FindClo
USER32.dll -> KERNEL32.dll!0x7c80efca = FindNex
USER32.dll -> KERNEL32.dll!0x7c80ef71 = FindFir
USER32.dll -> KERNEL32.dll!0x7c80b55f = GetModu
USER32.dll -> KERNEL32.dll!0x7c80b731 = GetModu
USER32.dll -> KERNEL32.dll!0x7c801d7b = LoadLib
USER32.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
USER32.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
USER32.dll -> KERNEL32.dll!0x7c80aedb = LoadLib
USER32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
USER32.dll -> KERNEL32.dll!0x7c8107f0 = CreateF
COMCTL32.dll -> KERNEL32.dll!0x7c8449fd = SetUn
[
ocAddress
[
ibrary
[
ibraryA
[
Handle
[
ibraryW
[
duleHandleW
[
lose
[
extFileW
[
irstFileW
[
ewOfFile
[
eFileMappingW
[
leSize
[
eFileW
[
ViewOfFile
[
duleHandleA
[
ePointer
[
FileA
[
[
eAttributesA
[
PathA
[
ose
[
xtFileA
[
rstFileA
[
xtFileW
[
FileW
[
rstFileW
[
eAttributesW
[
PathW
[
uleHandleA
[
uleHandleW
COMCTL32.dll -> KERNEL32.dll!0x7c80ae30 = GetPr

COMCTL32.dll -> KERNEL32.dll!0x7c80ac6e = FreeL
COMCTL32.dll -> KERNEL32.dll!0x7c801d7b = LoadL
COMCTL32.dll -> KERNEL32.dll!0x7c809bd7 = Close
COMCTL32.dll -> KERNEL32.dll!0x7c80aedb = LoadL
COMCTL32.dll -> KERNEL32.dll!0x7c80e4cd = GetMo
COMCTL32.dll -> KERNEL32.dll!0x7c80ee67 = FindC
COMCTL32.dll -> KERNEL32.dll!0x7c80efca = FindN
COMCTL32.dll -> KERNEL32.dll!0x7c80ef71 = FindF
COMCTL32.dll -> KERNEL32.dll!0x7c80b995 = MapVi
COMCTL32.dll -> KERNEL32.dll!0x7c809420 = Creat
COMCTL32.dll -> KERNEL32.dll!0x7c810b07 = GetFi
COMCTL32.dll -> KERNEL32.dll!0x7c8107f0 = Creat
COMCTL32.dll -> KERNEL32.dll!0x7c80ba04 = Unmap
COMCTL32.dll -> KERNEL32.dll!0x7c80b731 = GetMo
SHLWAPI.dll -> KERNEL32.dll!0x7c810c1e = SetFil
SHLWAPI.dll -> KERNEL32.dll!0x7c801a28 = Create
SHLWAPI.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
SHLWAPI.dll -> KERNEL32.dll!0x7c8115cc = GetFil
SHLWAPI.dll -> KERNEL32.dll!0x7c8217d2 = Search
SHLWAPI.dll -> KERNEL32.dll!0x7c80ee67 = FindCl
SHLWAPI.dll -> KERNEL32.dll!0x7c834ec9 = FindNe
SHLWAPI.dll -> KERNEL32.dll!0x7c813869 = FindFi
SHLWAPI.dll -> KERNEL32.dll!0x7c80efca = FindNe
SHLWAPI.dll -> KERNEL32.dll!0x7c8107f0 = Create
SHLWAPI.dll -> KERNEL32.dll!0x7c80ef71 = FindFi
SHLWAPI.dll -> KERNEL32.dll!0x7c80b7dc = GetFil
SHLWAPI.dll -> KERNEL32.dll!0x7c80e76c = Search
SHLWAPI.dll -> KERNEL32.dll!0x7c80b731 = GetMod
SHLWAPI.dll -> KERNEL32.dll!0x7c80e4cd = GetMod
[
36:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c83644c = GetPri
vateProfileIntA
[
36:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c801d53 = LoadLi
braryExA
[
36:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c801af5 = LoadLi
braryExW
[
36:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[
36:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c832b6e = GetPri
vateProfileStringA
[
36:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c801812 = ReadFi
le
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c810b07 = GetFil
eSize
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c810cfd = GetFil
eInformationByHandle
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c80b55f = GetMod
uleFileNameA
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c8094ee = Create
FileMappingA
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c80b995 = MapVie
wOfFile
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c80ba04 = UnmapV
iewOfFile
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[
37:07b0] :LAUNCHER:WRAPPER: SHLWAPI.dll -> USER32.dll!0x7e3a7c08 = LoadImag
eA
[
37:07b0] :WRAPPER:LoadLibrary: COMCTL32.dll, handle is 773a0000
[
37:07b0] :LAUNCHER:EXECUTABLE:0x004e9648 -> 0x773b5582: ImageList_Remove!CO
MCTL32.dll
[
37:07b0] :LAUNCHER: EXECUTABLE->COMCTL32.dll Stamped
[
37:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'COMDLG32.dll'
[
37:07b0] :LAUNCHER: EXECUTABLE->COMDLG32.dll TimeDateStamp: 00000000, handl
e 00000000
[
37:07b0] :WRAPPER:LoadLibrary: COMDLG32.dll
[
41:07b0] :LAUNCHER:WRAPPER: COMDLG32.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
ocAddress
[
41:07b0] :LAUNCHER:WRAPPER: COMDLG32.dll -> KERNEL32.dll!0x7c80e4cd = GetMo
duleHandleW
[
41:07b0] :LAUNCHER:WRAPPER: COMDLG32.dll -> KERNEL32.dll!0x7c80ac6e = FreeL
ibrary
[
41:07b0] :LAUNCHER:WRAPPER: COMDLG32.dll -> KERNEL32.dll!0x7c801d7b = LoadL
ibraryA
[
41:07b0] :LAUNCHER:WRAPPER: COMDLG32.dll -> KERNEL32.dll!0x7c8449fd = SetUn
[
41:07b0] :LAUNCHER:WRAPPER: COMDLG32.dll -> KERNEL32.dll!0x7c80aedb = LoadL
ibraryW
[
41:07b0] :LAUNCHER:WRAPPER: COMDLG32.dll -> KERNEL32.dll!0x7c80b7dc = GetFi
leAttributesW
[
41:07b0] :LAUNCHER:WRAPPER: COMDLG32.dll -> KERNEL32.dll!0x7c80ef71 = FindF
irstFileW
[
41:07b0] :LAUNCHER:WRAPPER: COMDLG32.dll -> KERNEL32.dll!0x7c80efca = FindN
extFileW
[
lose
[
Handle
[
duleHandleA
[
eFileW
[
uleHandleA
[
rstFileA
[
xtFileA
[
[
ocess
[
rstFileExW
[
[
braryA
[
eAttributesA
[
eSize
[
FileMappingW
[
wOfFile
[
iewOfFile
[
uleHandleW
[
PathW
[
e
[
[
braryW
[
cAddress
[
FileW
[
le
[
eAttributesW
[
rstFileW
[
xtFileW
[
ose
[
andle
[
COMDLG32.dll -> KERNEL32.dll!0x7c80ee67 = FindC

COMDLG32.dll -> KERNEL32.dll!0x7c809bd7 = Close
COMDLG32.dll -> KERNEL32.dll!0x7c80b731 = GetMo
COMDLG32.dll -> KERNEL32.dll!0x7c8107f0 = Creat
SHELL32.dll -> KERNEL32.dll!0x7c80b731 = GetMod
SHELL32.dll -> KERNEL32.dll!0x7c813869 = FindFi
SHELL32.dll -> KERNEL32.dll!0x7c834ec9 = FindNe
SHELL32.dll -> KERNEL32.dll!0x7c810cfd = GetFil
SHELL32.dll -> KERNEL32.dll!0x7c81cafa = ExitPr
SHELL32.dll -> KERNEL32.dll!0x7c80eb0d = FindFi
SHELL32.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
SHELL32.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
SHELL32.dll -> KERNEL32.dll!0x7c8115cc = GetFil
SHELL32.dll -> KERNEL32.dll!0x7c810b07 = GetFil
SHELL32.dll -> KERNEL32.dll!0x7c809420 = Create
SHELL32.dll -> KERNEL32.dll!0x7c80b995 = MapVie
SHELL32.dll -> KERNEL32.dll!0x7c80ba04 = UnmapV
SHELL32.dll -> KERNEL32.dll!0x7c80e4cd = GetMod
SHELL32.dll -> KERNEL32.dll!0x7c80e76c = Search
SHELL32.dll -> KERNEL32.dll!0x7c834e7c = _lclos
SHELL32.dll -> KERNEL32.dll!0x7c8353e6 = _lread
SHELL32.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
SHELL32.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
SHELL32.dll -> KERNEL32.dll!0x7c8107f0 = Create
SHELL32.dll -> KERNEL32.dll!0x7c801812 = ReadFi
SHELL32.dll -> KERNEL32.dll!0x7c80b7dc = GetFil
SHELL32.dll -> KERNEL32.dll!0x7c80ef71 = FindFi
SHELL32.dll -> KERNEL32.dll!0x7c80efca = FindNe
SHELL32.dll -> KERNEL32.dll!0x7c80ee67 = FindCl
SHELL32.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
SHELL32.dll -> KERNEL32.dll!0x7c810c1e = SetFil
ePointer
[
41:07b0] :LAUNCHER:WRAPPER: SHELL32.dll -> KERNEL32.dll!0x7c801af5 = LoadLi
braryExW
[
41:07b0] :LAUNCHER:WRAPPER: SHELL32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[
41:07b0] :LAUNCHER:WRAPPER: SHELL32.dll -> KERNEL32.dll!0x7c801d53 = LoadLi
braryExA
[
41:07b0] :WRAPPER:LoadLibrary: COMDLG32.dll, handle is 76360000
[
41:07b0] :LAUNCHER:EXECUTABLE:0x004e9650 -> 0x76377c2b: GetSaveFileNameW!CO
MDLG32.dll
[
41:07b0] :LAUNCHER: EXECUTABLE->COMDLG32.dll Stamped
[
41:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'GDI32.dll'
[
41:07b0] :LAUNCHER: EXECUTABLE->GDI32.dll TimeDateStamp: 00000000, handle 7
7ef0000
[
41:07b0] :WRAPPER:LoadLibrary: GDI32.dll, handle is 77ef0000
[
41:07b0] :LAUNCHER:EXECUTABLE:0x004e9658 -> 0x77efd987: LineTo!GDI32.dll
[
41:07b0] :LAUNCHER: EXECUTABLE->GDI32.dll Stamped
[
41:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'MPR.dll'
[
42:07b0] :LAUNCHER: EXECUTABLE->MPR.dll TimeDateStamp: 00000000, handle 000
00000
[
42:07b0] :WRAPPER:LoadLibrary: MPR.dll
[
42:07b0] :LAUNCHER:WRAPPER: MPR.dll -> KERNEL32.dll!0x7c801d7b = LoadLibrar
yA
[
42:07b0] :LAUNCHER:WRAPPER: MPR.dll -> KERNEL32.dll!0x7c8449fd = SetUnhandl
edExceptionFilter
[
42:07b0] :LAUNCHER:WRAPPER: MPR.dll -> KERNEL32.dll!0x7c80ac6e = FreeLibrar
y
[
42:07b0] :LAUNCHER:WRAPPER: MPR.dll -> KERNEL32.dll!0x7c801af5 = LoadLibrar
yExW
[
42:07b0] :LAUNCHER:WRAPPER: MPR.dll -> KERNEL32.dll!0x7c80ae30 = GetProcAdd
ress
[
42:07b0] :LAUNCHER:WRAPPER: MPR.dll -> KERNEL32.dll!0x7c809bd7 = CloseHandl
e
[
42:07b0] :WRAPPER:LoadLibrary: MPR.dll, handle is 71aa0000
[
42:07b0] :LAUNCHER:EXECUTABLE:0x004e9660 -> 0x71aa1e09: WNetGetConnectionW!
MPR.dll
[
42:07b0] :LAUNCHER: EXECUTABLE->MPR.dll Stamped
[
42:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'ole32.dll'
[
42:07b0] :LAUNCHER: EXECUTABLE->ole32.dll TimeDateStamp: 00000000, handle 7
74b0000
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80b7dc = GetFileA
ttributesW
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80ae30 = GetProcA
ddress
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c801d7b = LoadLibr
aryA
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c809bd7 = CloseHan
dle
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLibr
ary
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80aedb = LoadLibr
aryW
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c8107f0 = CreateFi
leW
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80ee67 = FindClos
e
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80ef71 = FindFirs
tFileW
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80e4cd = GetModul
eHandleW
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c801af5 = LoadLibr
aryExW
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c801812 = ReadFile
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c810c1e = SetFileP
ointer
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c809420 = CreateFi
leMappingW
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80b995 = MapViewO
fFile
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80ba04 = UnmapVie
wOfFile
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c801d53 = LoadLibr
aryExA
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c80e76c = SearchPa
thW
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c832379 = LockFile
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c8322d4 = UnlockFi
le
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c810b07 = GetFileS
ize
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c810cfd = GetFileI
nformationByHandle
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c8094ee = CreateFi
leMappingA
[
42:07b0] :LAUNCHER:WRAPPER: ole32.dll -> KERNEL32.dll!0x7c8449fd = SetUnhan
dledExceptionFilter
[
43:07b0] :WRAPPER:LoadLibrary: ole32.dll, handle is 774b0000
[
43:07b0] :LAUNCHER:EXECUTABLE:0x004e9668 -> 0x774d2a53: CoInitialize!ole32.
dll
[
43:07b0] :LAUNCHER: EXECUTABLE->ole32.dll Stamped
[
43:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'OLEAUT32.dll'
[
43:07b0] :LAUNCHER: EXECUTABLE->OLEAUT32.dll TimeDateStamp: 00000000, handl
e 770f0000
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c80ac6e = FreeL
ibrary
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c801d7b = LoadL
ibraryA
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c834e7c = _lclo
se
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c8353e6 = _lrea
d
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c83541e = _llse
ek
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c801a28 = Creat
eFileA
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c8107f0 = Creat
eFileW
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c80aedb = LoadL
ibraryW
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c8217d2 = Searc
hPathA
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c80e76c = Searc
hPathW
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c80ba04 = Unmap
ViewOfFile
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c80b995 = MapVi
ewOfFile
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c8094ee = Creat
eFileMappingA
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c810b07 = GetFi
leSize
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c8449fd = SetUn
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
ocAddress
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> KERNEL32.dll!0x7c80b731 = GetMo
duleHandleA
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> ole32.dll!0x774d057e = CoCreate
Instance
[
43:07b0] :LAUNCHER:WRAPPER: OLEAUT32.dll -> ole32.dll!0x774e56c5 = CoGetCla
ssObject
[
43:07b0] :WRAPPER:LoadLibrary: OLEAUT32.dll, handle is 770f0000
[
43:07b0] :LAUNCHER:EXECUTABLE:0x004e9670 -> 0x770f4950: 8!OLEAUT32.dll
[
43:07b0] :LAUNCHER: EXECUTABLE->OLEAUT32.dll Stamped
[
43:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'PSAPI.DLL'
[
43:07b0] :LAUNCHER: EXECUTABLE->PSAPI.DLL TimeDateStamp: 00000000, handle 0
0000000
[
43:07b0] :WRAPPER:LoadLibrary: PSAPI.DLL
[
43:07b0] :LAUNCHER:WRAPPER: PSAPI.DLL -> KERNEL32.dll!0x7c801d7b = LoadLibr
aryA
[
43:07b0] :LAUNCHER:WRAPPER: PSAPI.DLL -> KERNEL32.dll!0x7c80ac6e = FreeLibr
ary
[
43:07b0] :LAUNCHER:WRAPPER: PSAPI.DLL -> KERNEL32.dll!0x7c80ae30 = GetProcA
ddress
[
43:07b0] :LAUNCHER:WRAPPER: PSAPI.DLL -> KERNEL32.dll!0x7c8449fd = SetUnhan
dledExceptionFilter
[
43:07b0] :LAUNCHER:WRAPPER: PSAPI.DLL -> KERNEL32.dll!0x7c80b995 = MapViewO
fFile
[
43:07b0] :LAUNCHER:WRAPPER: PSAPI.DLL -> KERNEL32.dll!0x7c80ba04 = UnmapVie
wOfFile
[
43:07b0] :LAUNCHER:WRAPPER: PSAPI.DLL -> KERNEL32.dll!0x7c801a28 = CreateFi
leA
[
43:07b0] :LAUNCHER:WRAPPER: PSAPI.DLL -> KERNEL32.dll!0x7c809bd7 = CloseHan
dle
[
44:07b0] :WRAPPER:LoadLibrary: PSAPI.DLL, handle is 76bb0000
[
44:07b0] :LAUNCHER:EXECUTABLE:0x004e9678 -> 0x76bb3a76: EnumProcesses!PSAPI
.DLL
[
44:07b0] :LAUNCHER: EXECUTABLE->PSAPI.DLL Stamped
[
44:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'SHELL32.dll'
[
44:07b0] :LAUNCHER: EXECUTABLE->SHELL32.dll TimeDateStamp: 00000000, handle
7e6a0000
[
44:07b0] :WRAPPER:LoadLibrary: SHELL32.dll, handle is 7e6a0000
[
44:07b0] :LAUNCHER:EXECUTABLE:0x004e9680 -> 0x7e757c18: DragFinish!SHELL32.
dll
[
44:07b0] :LAUNCHER: EXECUTABLE->SHELL32.dll Stamped
[
44:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'USER32.dll'
[
44:07b0] :LAUNCHER: EXECUTABLE->USER32.dll TimeDateStamp: 00000000, handle
7e390000
[
44:07b0] :WRAPPER:LoadLibrary: USER32.dll, handle is 7e390000
[
44:07b0] :LAUNCHER:EXECUTABLE:0x004e9688 -> 0x7e3986c7: GetDC!USER32.dll
[
44:07b0] :LAUNCHER: EXECUTABLE->USER32.dll Stamped
[
44:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'USERENV.dll'
[
44:07b0] :LAUNCHER: EXECUTABLE->USERENV.dll TimeDateStamp: 00000000, handle
00000000
[
44:07b0] :WRAPPER:LoadLibrary: USERENV.dll
[
44:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[
44:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c810c1e = SetFil
ePointer
[
44:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c8107f0 = Create
FileW
[
44:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c801d53 = LoadLi
braryExA
[
44:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c80b7dc = GetFil
eAttributesW
[
44:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c80e76c = Search
PathW
[
44:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c810b07 = GetFil
eSize
[
45:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[
45:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[
45:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[
45:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[
45:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[
45:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c80ee67 = FindCl
ose
[
45:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c80efca = FindNe
xtFileW
[
45:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c80ef71 = FindFi
rstFileW
[
45:07b0] :LAUNCHER:WRAPPER: USERENV.dll -> KERNEL32.dll!0x7c801812 = ReadFi
le
[
45:07b0] :WRAPPER:LoadLibrary: USERENV.dll, handle is 76630000
[
45:07b0] :LAUNCHER:EXECUTABLE:0x004e9690 -> 0x7663ad1c: LoadUserProfileW!US
ERENV.dll
[
45:07b0] :LAUNCHER: EXECUTABLE->USERENV.dll Stamped
[
45:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'VERSION.dll'
[
45:07b0] :LAUNCHER: EXECUTABLE->VERSION.dll TimeDateStamp: 00000000, handle
00000000
[
45:07b0] :WRAPPER:LoadLibrary: VERSION.dll
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c834e7c = _lclos
e
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c85f738 = _lopen
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c8353e6 = _lread
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c83541e = _llsee
k
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c810b07 = GetFil
eSize
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c801af5 = LoadLi
braryExW
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c8107f0 = Create
FileW
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c80b7dc = GetFil
eAttributesW
[
45:07b0] :LAUNCHER:WRAPPER: VERSION.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[
45:07b0] :WRAPPER:LoadLibrary: VERSION.dll, handle is 77bd0000
[
45:07b0] :LAUNCHER:EXECUTABLE:0x004e9698 -> 0x77bd1805: VerQueryValueW!VERS
ION.dll
[
45:07b0] :LAUNCHER: EXECUTABLE->VERSION.dll Stamped
[
45:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'WININET.dll'
[
45:07b0] :LAUNCHER: EXECUTABLE->WININET.dll TimeDateStamp: 00000000, handle
00000000
[
45:07b0] :WRAPPER:LoadLibrary: WININET.dll
[
50:07b0] :WRAPPER:LoadLibrary: comctl32.dll, handle is 773a0000
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c801a28 = Create
FileA
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c8107f0 = Create
FileW
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c8115cc = GetFil
eAttributesA
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80b7dc = GetFil
eAttributesW
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c801d53 = LoadLi
braryExA
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c801af5 = LoadLi
braryExW
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c813869 = FindFi
rstFileA
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80ef71 = FindFi
rstFileW
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c834ec9 = FindNe
xtFileA
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80efca = FindNe
xtFileW
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c801812 = ReadFi
le
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c810c1e = SetFil
ePointer
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c810b07 = GetFil
eSize
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80ee67 = FindCl
ose
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80b995 = MapVie
wOfFile
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c8094ee = Create
FileMappingA
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80ba04 = UnmapV
iewOfFile
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80b731 = GetMod
uleHandleA
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c809420 = Create
FileMappingW
[
50:07b0] :LAUNCHER:WRAPPER: CRYPT32.dll -> KERNEL32.dll!0x7c80b55f = GetMod
uleFileNameA
[
50:07b0] :LAUNCHER:WRAPPER: MSASN1.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
[
50:07b0] :LAUNCHER:WRAPPER: MSASN1.dll -> KERNEL32.dll!0x7c801d7b = LoadLib
raryA
[
50:07b0] :LAUNCHER:WRAPPER: MSASN1.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
Address
[
50:07b0] :LAUNCHER:WRAPPER: MSASN1.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
ndle
[
50:07b0] :LAUNCHER:WRAPPER: MSASN1.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
rary
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c80b55f = GetMod
uleFileNameA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c810c1e = SetFil
ePointer
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c801812 = ReadFi
le
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c8115cc = GetFil
eAttributesA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c832b6e = GetPri
vateProfileStringA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c80ee67 = FindCl
ose
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c834ec9 = FindNe
xtFileA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c813869 = FindFi
rstFileA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c80ba04 = UnmapV
iewOfFile
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c8094ee = Create
FileMappingA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c801d53 = LoadLi
braryExA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c810b07 = GetFil
eSize
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c801a28 = Create
FileA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> KERNEL32.dll!0x7c80b731 = GetMod
uleHandleA
[
51:07b0] :LAUNCHER:WRAPPER: WININET.dll -> USER32.dll!0x7e3a7c08 = LoadImag
eA
[
51:07b0] :WRAPPER:LoadLibrary: WININET.dll, handle is 77180000
[
51:07b0] :LAUNCHER:EXECUTABLE:0x004e96a0 -> 0x771d5d0c: FtpOpenFileW!WININE
T.dll
[
51:07b0] :LAUNCHER: EXECUTABLE->WININET.dll Stamped
[
51:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'WINMM.dll'
[
51:07b0] :LAUNCHER: EXECUTABLE->WINMM.dll TimeDateStamp: 00000000, handle 0
0000000
[
51:07b0] :WRAPPER:LoadLibrary: WINMM.dll
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c8449fd = SetUnhan
dledExceptionFilter
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c80b995 = MapViewO
fFile
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c80ba04 = UnmapVie
wOfFile
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c801d7b = LoadLibr
aryA
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c810b07 = GetFileS
ize
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c834e7c = _lclose
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c80b7dc = GetFileA
ttributesW
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c83541e = _llseek
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c8353e6 = _lread
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c801af5 = LoadLibr
aryExW
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c809bd7 = CloseHan
dle
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c80e76c = SearchPa
thW
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c8107f0 = CreateFi
leW
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c80ae30 = GetProcA
ddress
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c80e4cd = GetModul
eHandleW
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c80b55f = GetModul
eFileNameA
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c80aedb = LoadLibr
aryW
[
52:07b0] :LAUNCHER:WRAPPER: WINMM.dll -> KERNEL32.dll!0x7c80ac6e = FreeLibr
ary
[
52:07b0] :WRAPPER:LoadLibrary: WINMM.dll, handle is 76b00000
[
52:07b0] :LAUNCHER:EXECUTABLE:0x004e96a8 -> 0x76b04e4f: timeGetTime!WINMM.d
ll
[
52:07b0] :LAUNCHER: EXECUTABLE->WINMM.dll Stamped
[
52:07b0] :LAUNCHER:EXECUTABLE dynamic link to 'WSOCK32.dll'
[
52:07b0] :LAUNCHER: EXECUTABLE->WSOCK32.dll TimeDateStamp: 00000000, handle
00000000
[
52:07b0] :WRAPPER:LoadLibrary: WSOCK32.dll
[
52:07b0] :LAUNCHER:WRAPPER: WS2_32.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
Address
[
52:07b0] :LAUNCHER:WRAPPER: WS2_32.dll -> KERNEL32.dll!0x7c80b55f = GetModu
leFileNameA
[
53:07b0] :LAUNCHER:WRAPPER: WS2_32.dll -> KERNEL32.dll!0x7c801d7b = LoadLib
raryA
[
53:07b0] :LAUNCHER:WRAPPER: WS2_32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
rary
[
53:07b0] :LAUNCHER:WRAPPER: WS2_32.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
ndle
[
53:07b0] :LAUNCHER:WRAPPER: WS2_32.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
[
53:07b0] :LAUNCHER:WRAPPER: WS2HELP.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[
53:07b0] :LAUNCHER:WRAPPER: WS2HELP.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[
53:07b0] :LAUNCHER:WRAPPER: WS2HELP.dll -> KERNEL32.dll!0x7c80b731 = GetMod
uleHandleA
[
53:07b0] :LAUNCHER:WRAPPER: WS2HELP.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[
53:07b0] :LAUNCHER:WRAPPER: WS2HELP.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[
53:07b0] :LAUNCHER:WRAPPER: WS2HELP.dll -> KERNEL32.dll!0x7c80b55f = GetMod
uleFileNameA
[
53:07b0] :LAUNCHER:WRAPPER: WS2HELP.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[
53:07b0] :WRAPPER:LoadLibrary: WSOCK32.dll, handle is 71a50000
[
53:07b0] :LAUNCHER:EXECUTABLE:0x004e96b0 -> 0x71a52e70: 16!WSOCK32.dll
[
53:07b0] :LAUNCHER: EXECUTABLE->WSOCK32.dll Stamped
[
53:07b0] :LAUNCHER: Goto real entry point 0x4cce80
[
58:07b0] :WRAPPER:LoadLibrary: KERNEL32.DLL, handle is 7c800000
[
58:07b0] :WRAPPER:LoadLibrary: ADVAPI32.dll, handle is 77da0000
[
58:07b0] :WRAPPER:LoadLibrary: COMCTL32.dll, handle is 773a0000
[
59:07b0] :WRAPPER:LoadLibrary: COMDLG32.dll, handle is 76360000
[
59:07b0] :WRAPPER:LoadLibrary: GDI32.dll, handle is 77ef0000
[
59:07b0] :WRAPPER:LoadLibrary: MPR.dll, handle is 71aa0000
[
59:07b0] :WRAPPER:LoadLibrary: ole32.dll, handle is 774b0000
[
59:07b0] :WRAPPER:LoadLibrary: OLEAUT32.dll, handle is 770f0000
[
59:07b0] :WRAPPER:LoadLibrary: PSAPI.DLL, handle is 76bb0000
[
60:07b0] :WRAPPER:LoadLibrary: SHELL32.dll, handle is 7e6a0000
[
60:07b0] :WRAPPER:LoadLibrary: USER32.dll, handle is 7e390000
[
60:07b0] :WRAPPER:LoadLibrary: USERENV.dll, handle is 76630000
[
60:07b0] :WRAPPER:LoadLibrary: VERSION.dll, handle is 77bd0000
[
60:07b0] :WRAPPER:LoadLibrary: WININET.dll, handle is 77180000
[
60:07b0] :WRAPPER:LoadLibrary: WINMM.dll, handle is 76b00000
[
61:07b0] :WRAPPER:LoadLibrary: WSOCK32.dll, handle is 71a50000
[
61:07b0] :WRAPPER:SetUnhandledExceptionFilter: 0x0041f20e
[
61:07b0] :WRAPPER:LoadLibrary: kernel32.dll, handle is 7c800000
[
61:07b0] :WRAPPER:FreeLibrary:7c800000, 'C:\WINDOWS\system32\kernel32.dll'
[
61:07b0] :WRAPPER:LoadLibrary: uxtheme.dll
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80b7dc = GetFil
eAttributesW
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c801812 = ReadFi
le
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c810b07 = GetFil
eSize
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80ef71 = FindFi
rstFileW
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80efca = FindNe
xtFileW
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80ee67 = FindCl
ose
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c809420 = Create
FileMappingW
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80b995 = MapVie
wOfFile
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80ba04 = UnmapV
iewOfFile
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80e4cd = GetMod
uleHandleW
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c8107f0 = Create
FileW
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c801af5 = LoadLi
braryExW
[
62:07b0] :LAUNCHER:WRAPPER: uxtheme.dll -> KERNEL32.dll!0x7c810c1e = SetFil
ePointer
[
62:07b0] :WRAPPER:LoadLibrary: uxtheme.dll, handle is 5b150000
[
62:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\uxtheme.dll, handle is 5
b150000
[
63:07b0] :WRAPPER:LoadLibrary: uxtheme.dll, handle is 5b150000
[
b150000
[
63:07b0] :WRAPPER:FreeLibrary:5b150000, 'C:\WINDOWS\system32\uxtheme.dll'
[
b150000
[
[
b150000
[
[
64:07b0] :BOX:OpenFile: found 'TRAINER V4.EXE' at 0x6df60, size 5702719(0x5
7043f)
[
64:07b0] :BOX: ReadFile 0x008ff834 <- 0x10000 bytes at 0x0 'TRAINER V4.EXE'
[
69:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x0 'TRAINER V4.EX
E'
[
69:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x10000->0x10000 'T
RAINER V4.EXE'
[
69:07b0] :BOX: SetFilePointer(OK): SET 65516(0xffec)/0x57043f, 0x10000->0xf
fec 'TRAINER V4.EXE'
[
69:07b0] :BOX: ReadFile 0x008ff834 <- 0x10000 bytes at 0xffec 'TRAINER V4.E
XE'
[
74:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0xffec 'TRAINER V4
.EXE'
[
74:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x1ffec->0x1ffec 'T
RAINER V4.EXE'
[
74:07b0] :BOX: SetFilePointer(OK): SET 131032(0x1ffd8)/0x57043f, 0x1ffec->0
x1ffd8 'TRAINER V4.EXE'
[
74:07b0] :BOX: ReadFile 0x008ff834 <- 0x10000 bytes at 0x1ffd8 'TRAINER V4.
EXE'
[
79:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x1ffd8 'TRAINER V
4.EXE'
[
80:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x2ffd8->0x2ffd8 'T
RAINER V4.EXE'
[
80:07b0] :BOX: SetFilePointer(OK): SET 196548(0x2ffc4)/0x57043f, 0x2ffd8->0
x2ffc4 'TRAINER V4.EXE'
[
80:07b0] :BOX: ReadFile 0x008ff834 <- 0x10000 bytes at 0x2ffc4 'TRAINER V4.
EXE'
[
85:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x2ffc4 'TRAINER V
4.EXE'
[
85:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x3ffc4->0x3ffc4 'T
RAINER V4.EXE'
[
85:07b0] :BOX: SetFilePointer(OK): SET 262064(0x3ffb0)/0x57043f, 0x3ffc4->0
x3ffb0 'TRAINER V4.EXE'
[
85:07b0] :BOX: ReadFile 0x008ff834 <- 0x10000 bytes at 0x3ffb0 'TRAINER V4.
EXE'
[
90:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x3ffb0 'TRAINER V
4.EXE'
[
90:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x4ffb0->0x4ffb0 'T
RAINER V4.EXE'
[
90:07b0] :BOX: SetFilePointer(OK): SET 327580(0x4ff9c)/0x57043f, 0x4ffb0->0
x4ff9c 'TRAINER V4.EXE'

[
90:07b0] :BOX: ReadFile 0x008ff834 <- 0x10000 bytes at 0x4ff9c 'TRAINER V4.
EXE'
[
94:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x4ff9c 'TRAINER V
4.EXE'
[
94:07b0] :BOX: SetFilePointer(OK): SET 385044(0x5e014)/0x57043f, 0x5ff9c->0
x5e014 'TRAINER V4.EXE'
[
94:07b0] :BOX: ReadFile 0x011a4d18 <- 0x1000 bytes at 0x5e014 'TRAINER V4.E
XE'
[
94:07b0] :BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x5e014 'TRAINER V4.
EXE'
[
94:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x5f014->0x5f014 'T
RAINER V4.EXE'
[
94:07b0] :BOX: SetFilePointer(OK): SET 385064(0x5e028)/0x57043f, 0x5f014->0
[
94:07b0] :BOX: ReadFile 0x011a4d18 <- 0x200 bytes at 0x5e028 'TRAINER V4.EX
E'
[
94:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0x5e028 'TRAINER V4.EX
E'
[
94:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x5e228->0x5e228 'T
RAINER V4.EXE'
[
94:07b0] :BOX: SetFilePointer(OK): SET 385207(0x5e0b7)/0x57043f, 0x5e228->0
x5e0b7 'TRAINER V4.EXE'
[
94:07b0] :BOX: ReadFile 0x011a4d18 <- 0x200 bytes at 0x5e0b7 'TRAINER V4.EX
E'
[
94:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0x5e0b7 'TRAINER V4.EX
E'
[
94:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x5e2b7->0x5e2b7 'T
RAINER V4.EXE'
[
94:07b0] :BOX: SetFilePointer(OK): SET 774007(0xbcf77)/0x57043f, 0x5e2b7->0
xbcf77 'TRAINER V4.EXE'
[
94:07b0] :BOX: ReadFile 0x011a4d18 <- 0x200 bytes at 0xbcf77 'TRAINER V4.EX
E'
[
99:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0xbcf77 'TRAINER V4.EX
E'
[
99:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0xbd177->0xbd177 'T
RAINER V4.EXE'
[
99:07b0] :BOX: SetFilePointer(OK): SET 774056(0xbcfa8)/0x57043f, 0xbd177->0
xbcfa8 'TRAINER V4.EXE'
[
99:07b0] :BOX: ReadFile 0x011a4d18 <- 0x200 bytes at 0xbcfa8 'TRAINER V4.EX
E'
[
99:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0xbcfa8 'TRAINER V4.EX
E'
[ 100:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0xbd1a8->0xbd1a8 'T
RAINER V4.EXE'
[ 100:07b0] :BOX: SetFilePointer(OK): SET 5664206(0x566dce)/0x57043f, 0xbd1a8>0x566dce 'TRAINER V4.EXE'
[ 100:07b0] :BOX: ReadFile 0x011a4d18 <- 0x200 bytes at 0x566dce 'TRAINER V4.E
XE'
[ 104:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0x566dce 'TRAINER V4.E
XE'
[ 104:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x566fce->0x566fce
'TRAINER V4.EXE'
[ 104:07b0] :BOX: SetFilePointer(OK): SET 5664417(0x566ea1)/0x57043f, 0x566fce
->0x566ea1 'TRAINER V4.EXE'
[ 105:07b0] :BOX: ReadFile 0x011a4d18 <- 0x200 bytes at 0x566ea1 'TRAINER V4.E
XE'
[ 105:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0x566ea1 'TRAINER V4.E
XE'
[ 105:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x5670a1->0x5670a1
'TRAINER V4.EXE'
[ 105:07b0] :BOX: SetFilePointer(OK): SET 5702711(0x570437)/0x57043f, 0x5670a1
->0x570437 'TRAINER V4.EXE'
[ 105:07b0] :BOX: ReadFile 0x011a4d18 <- 0x200 bytes at 0x570437 'TRAINER V4.E
XE'
[ 105:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x8 offs 0x570437 'TRAINER V4.EXE
'
[ 105:07b0] :BOX:CloseFile: 'TRAINER V4.EXE'
[ 105:07b0] :WRAPPER:LoadLibrary: ole32.dll, handle is 774b0000
[ 106:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\SHELL32.dll, handle is 7
e6a0000
[ 106:07b0] :WRAPPER:LoadLibrary: SETUPAPI.dll
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80e4cd = GetMo
duleHandleW
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c801d7b = LoadL
ibraryA
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c8449fd = SetUn
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80efca = FindN
extFileW
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80e76c = Searc
hPathW
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80b7dc = GetFi
leAttributesW
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80ba04 = Unmap
ViewOfFile
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80b995 = MapVi
ewOfFile
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c809420 = Creat
eFileMappingW
[ 106:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c810b07 = GetFi
leSize
[ 107:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c8107f0 = Creat
eFileW
[ 107:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c810c1e = SetFi
lePointer
[ 107:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80ac6e = FreeL
ibrary
[ 107:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
ocAddress
[ 107:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80aedb = LoadL
ibraryW
[ 107:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80ee67 = FindC
lose
[ 107:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c80ef71 = FindF
irstFileW
[ 107:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c801a28 = Creat
eFileA
[ 107:07b0] :LAUNCHER:WRAPPER: SETUPAPI.dll -> KERNEL32.dll!0x7c801812 = ReadF
ile
[ 107:07b0] :WRAPPER:LoadLibrary: SETUPAPI.dll, handle is 778f0000
[ 107:07b0] :WRAPPER:LoadLibrary: rpcrt4.dll, handle is 77e50000
[ 112:07b0] :WRAPPER:FindFirstFileExW C:\Documents and Settings,
[ 112:07b0] :WRAPPER:LoadLibrary: SHELL32.dll, handle is 7e6a0000
[ 113:07b0] :WRAPPER:LoadLibrary: ole32.dll, handle is 774b0000
[ 113:07b0] :WRAPPER:FindFirstFileExW C:\Documents and Settings\CABINA9,
[ 113:07b0] :WRAPPER:FindFirstFileExW C:\Documents and Settings\CABINA9\Mis do
cumentos,

cumentos\Downloads,
cumentos\Downloads\trainer v4,
cumentos\Downloads\trainer v4\trainer v4.exe,
[ 114:07b0] :BOX: enumeration in root of package is disabled
[ 115:07b0] :BOX:OpenFile: found 'TRAINER V4.EXE' at 0x6df60, size 5702719(0x5
7043f)
[ 115:07b0] :BOX: ReadFile 0x008ff7cc <- 0x10000 bytes at 0x0 'TRAINER V4.EXE'
[ 120:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x0 'TRAINER V4.EX
E'
[ 120:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x10000->0x10000 'T
RAINER V4.EXE'
[ 120:07b0] :BOX: SetFilePointer(OK): SET 65516(0xffec)/0x57043f, 0x10000->0xf
[ 120:07b0] :BOX: ReadFile 0x008ff7cc <- 0x10000 bytes at 0xffec 'TRAINER V4.E
XE'
[ 125:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0xffec 'TRAINER V4
.EXE'
[ 125:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x1ffec->0x1ffec 'T
RAINER V4.EXE'
[ 125:07b0] :BOX: SetFilePointer(OK): SET 131032(0x1ffd8)/0x57043f, 0x1ffec->0
[ 125:07b0] :BOX: ReadFile 0x008ff7cc <- 0x10000 bytes at 0x1ffd8 'TRAINER V4.
EXE'
[ 130:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x1ffd8 'TRAINER V
4.EXE'
[ 131:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x2ffd8->0x2ffd8 'T
RAINER V4.EXE'
[ 131:07b0] :BOX: SetFilePointer(OK): SET 196548(0x2ffc4)/0x57043f, 0x2ffd8->0
[ 131:07b0] :BOX: ReadFile 0x008ff7cc <- 0x10000 bytes at 0x2ffc4 'TRAINER V4.
EXE'
[ 135:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x2ffc4 'TRAINER V
4.EXE'
[ 136:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x3ffc4->0x3ffc4 'T
RAINER V4.EXE'
[ 136:07b0] :BOX: SetFilePointer(OK): SET 262064(0x3ffb0)/0x57043f, 0x3ffc4->0
[ 136:07b0] :BOX: ReadFile 0x008ff7cc <- 0x10000 bytes at 0x3ffb0 'TRAINER V4.
EXE'
[ 141:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x3ffb0 'TRAINER V
4.EXE'
[ 141:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x4ffb0->0x4ffb0 'T
RAINER V4.EXE'
[ 141:07b0] :BOX: SetFilePointer(OK): SET 327580(0x4ff9c)/0x57043f, 0x4ffb0->0
[ 141:07b0] :BOX: ReadFile 0x008ff7cc <- 0x10000 bytes at 0x4ff9c 'TRAINER V4.
EXE'
[ 145:07b0] :BOX: ReadFile(OK) 0x10000 wasread 0x10000 offs 0x4ff9c 'TRAINER V
4.EXE'
[ 145:07b0] :BOX: SetFilePointer(OK): SET 385044(0x5e014)/0x57043f, 0x5ff9c->0
[ 145:07b0] :BOX: ReadFile 0x011a51b0 <- 0x1000 bytes at 0x5e014 'TRAINER V4.E
XE'
[ 145:07b0] :BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x5e014 'TRAINER V4.
EXE'
[ 145:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x5f014->0x5f014 'T
RAINER V4.EXE'
[ 145:07b0] :BOX: SetFilePointer(OK): SET 385064(0x5e028)/0x57043f, 0x5f014->0

[ 145:07b0] :BOX: ReadFile 0x011a51b0 <- 0x200 bytes at 0x5e028 'TRAINER V4.EX
E'
[ 145:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0x5e028 'TRAINER V4.EX
E'
[ 145:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x5e228->0x5e228 'T
RAINER V4.EXE'
[ 145:07b0] :BOX: SetFilePointer(OK): SET 385235(0x5e0d3)/0x57043f, 0x5e228->0
x5e0d3 'TRAINER V4.EXE'
[ 145:07b0] :BOX: ReadFile 0x01490048 <- 0x5ee00 bytes at 0x5e0d3 'TRAINER V4.
EXE'
[ 175:07b0] :BOX: ReadFile(OK) 0x5ee00 wasread 0x5ee00 offs 0x5e0d3 'TRAINER V
4.EXE'
[ 175:07b0] :BOX: ReadFile 0x011a51b0 <- 0x200 bytes at 0xbced3 'TRAINER V4.EX
E'
[ 175:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0xbced3 'TRAINER V4.EX
E'
[ 439:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\MSCTF.dll
[ 440:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\MSCTF.dll -> KERNEL32.dll!0
x7c801d7b = LoadLibraryA
x7c80aedb = LoadLibraryW
x7c8449fd = SetUnhandledExceptionFilter
x7c8094ee = CreateFileMappingA
x7c80b995 = MapViewOfFile
x7c80ba04 = UnmapViewOfFile
x7c809bd7 = CloseHandle
x7c80b55f = GetModuleFileNameA
x7c80ae30 = GetProcAddress
x7c80ac6e = FreeLibrary
x7c80b731 = GetModuleHandleA
x7c801d53 = LoadLibraryExA
[ 440:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\MSCTF.dll -> USER32.dll!0x7
e3a7c08 = LoadImageA
[ 440:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\MSCTF.dll, handle is 746
b0000
[ 441:07b0] :WRAPPER:LoadLibrary: UxTheme.dll, handle is 5b150000
[ 447:07b0] :WRAPPER:FindFirstFileW C:\DOCUME~1\CABINA9\CONFIG~1\Temp\vscfnjs
7043f)
[ 447:07b0] :BOX: ReadFile 0x008feafc <- 0x10000 bytes at 0x0 'TRAINER V4.EXE'
E'
RAINER V4.EXE'
[ 453:07b0] :BOX: ReadFile 0x008feafc <- 0x10000 bytes at 0xffec 'TRAINER V4.E
XE'
.EXE'
RAINER V4.EXE'
[ 458:07b0] :BOX: ReadFile 0x008feafc <- 0x10000 bytes at 0x1ffd8 'TRAINER V4.
EXE'
4.EXE'
RAINER V4.EXE'
[ 463:07b0] :BOX: ReadFile 0x008feafc <- 0x10000 bytes at 0x2ffc4 'TRAINER V4.
EXE'
4.EXE'
RAINER V4.EXE'
[ 468:07b0] :BOX: ReadFile 0x008feafc <- 0x10000 bytes at 0x3ffb0 'TRAINER V4.
EXE'
4.EXE'
RAINER V4.EXE'
[ 473:07b0] :BOX: ReadFile 0x008feafc <- 0x10000 bytes at 0x4ff9c 'TRAINER V4.
EXE'
4.EXE'
[ 478:07b0] :BOX: ReadFile 0x0201d8a0 <- 0x1000 bytes at 0x5e014 'TRAINER V4.E
XE'
EXE'
RAINER V4.EXE'
[ 478:07b0] :BOX: ReadFile 0x0201d8a0 <- 0x200 bytes at 0x5e028 'TRAINER V4.EX
E'
E'
RAINER V4.EXE'
[ 478:07b0] :BOX: SetFilePointer(OK): SET 385207(0x5e0b7)/0x57043f, 0x5e228->0
[ 478:07b0] :BOX: ReadFile 0x0201d8a0 <- 0x200 bytes at 0x5e0b7 'TRAINER V4.EX
E'
[ 478:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0x5e0b7 'TRAINER V4.EX
E'
[ 478:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x5e2b7->0x5e2b7 'T
RAINER V4.EXE'
[ 478:07b0] :BOX: SetFilePointer(OK): SET 774007(0xbcf77)/0x57043f, 0x5e2b7->0

[ 478:07b0] :BOX: ReadFile 0x0201d8a0 <- 0x200 bytes at 0xbcf77 'TRAINER V4.EX
E'
[ 483:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0xbcf77 'TRAINER V4.EX
E'
[ 483:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0xbd177->0xbd177 'T
RAINER V4.EXE'
[ 483:07b0] :BOX: SetFilePointer(OK): SET 774056(0xbcfa8)/0x57043f, 0xbd177->0
xbcfa8 'TRAINER V4.EXE'
[ 483:07b0] :BOX: ReadFile 0x0201d8a0 <- 0x200 bytes at 0xbcfa8 'TRAINER V4.EX
E'
[ 483:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0xbcfa8 'TRAINER V4.EX
E'
[ 483:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0xbd1a8->0xbd1a8 'T
RAINER V4.EXE'
[ 483:07b0] :BOX: SetFilePointer(OK): SET 5664206(0x566dce)/0x57043f, 0xbd1a8>0x566dce 'TRAINER V4.EXE'
[ 483:07b0] :BOX: ReadFile 0x0201d8a0 <- 0x200 bytes at 0x566dce 'TRAINER V4.E
XE'
[ 488:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0x566dce 'TRAINER V4.E
XE'
[ 488:07b0] :BOX: ReadFile 0x008fede1 <- 0x9000 bytes at 0x566fce 'TRAINER V4.
EXE'
[ 488:07b0] :BOX: ReadFile(OK) 0x9000 wasread 0x9000 offs 0x566fce 'TRAINER V4
.EXE'
[ 488:07b0] :BOX: ReadFile 0x0201d8a0 <- 0x1000 bytes at 0x56ffce 'TRAINER V4.
EXE'
[ 488:07b0] :BOX: ReadFile(OK) 0x1000 wasread 0x471 offs 0x56ffce 'TRAINER V4.
EXE'
[ 726:07b0] :WRAPPER:LoadLibrary: Secur32.dll, handle is 77fc0000
[ 726:07b0] :WRAPPER:LoadLibrary: shell32.dll, handle is 7e6a0000
[ 735:07b0] :WRAPPER:LoadLibrary: wsock32, handle is 71a50000
[ 737:07b0] :WRAPPER:LoadLibrary: ws2_32, handle is 71a30000
[ 737:07b0] :WRAPPER:LoadLibrary: RASAPI32.DLL
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c8107f0 = Creat
eFileW
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c80ac6e = FreeL
ibrary
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c80ae30 = GetPr
ocAddress
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c80aedb = LoadL
ibraryW
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c80b7dc = GetFi
leAttributesW
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c801a28 = Creat
eFileA
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c801812 = ReadF
ile
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c80e4cd = GetMo
duleHandleW
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c80ee67 = FindC
lose
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c80efca = FindN
extFileW
[ 741:07b0] :LAUNCHER:WRAPPER: RASAPI32.DLL -> KERNEL32.dll!0x7c80ef71 = FindF
irstFileW
[ 741:07b0] :LAUNCHER:WRAPPER:
ibraryA
lePointer
raryW
Address
raryA
ndle
rary
ibraryW
leAttributesW
lePointer
ibraryA
ibrary
ocAddress
eFileW
Handle
ile
duleFileNameA
Address
raryW
leHandleW
ndle
rary
tFileW
stFileW
RASAPI32.DLL -> KERNEL32.dll!0x7c801d7b = LoadL

RASAPI32.DLL -> KERNEL32.dll!0x7c8449fd = SetUn
RASAPI32.DLL -> KERNEL32.dll!0x7c810c1e = SetFi
rasman.dll -> KERNEL32.dll!0x7c80aedb = LoadLib
rasman.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
rasman.dll -> KERNEL32.dll!0x7c801d7b = LoadLib
rasman.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
rasman.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
rasman.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
NETAPI32.dll -> KERNEL32.dll!0x7c80aedb = LoadL
NETAPI32.dll -> KERNEL32.dll!0x7c80b7dc = GetFi
NETAPI32.dll -> KERNEL32.dll!0x7c810c1e = SetFi
NETAPI32.dll -> KERNEL32.dll!0x7c8449fd = SetUn
NETAPI32.dll -> KERNEL32.dll!0x7c801d7b = LoadL
NETAPI32.dll -> KERNEL32.dll!0x7c80ac6e = FreeL
NETAPI32.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
NETAPI32.dll -> KERNEL32.dll!0x7c8107f0 = Creat
NETAPI32.dll -> KERNEL32.dll!0x7c809bd7 = Close
NETAPI32.dll -> KERNEL32.dll!0x7c801812 = ReadF
NETAPI32.dll -> KERNEL32.dll!0x7c80b55f = GetMo
TAPI32.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
TAPI32.dll -> KERNEL32.dll!0x7c80aedb = LoadLib
TAPI32.dll -> KERNEL32.dll!0x7c80e4cd = GetModu
TAPI32.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
TAPI32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
TAPI32.dll -> KERNEL32.dll!0x7c80efca = FindNex
TAPI32.dll -> KERNEL32.dll!0x7c80ef71 = FindFir
TAPI32.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
rtutils.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
rtutils.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 742:07b0] :LAUNCHER:WRAPPER: rtutils.dll -> KERNEL32.dll!0x7c810c1e = SetFil
ePointer
[ 742:07b0] :LAUNCHER:WRAPPER: rtutils.dll -> KERNEL32.dll!0x7c801a28 = Create
FileA
[ 742:07b0] :LAUNCHER:WRAPPER: rtutils.dll -> KERNEL32.dll!0x7c810b07 = GetFil
eSize
[ 742:07b0] :LAUNCHER:WRAPPER: rtutils.dll -> KERNEL32.dll!0x7c8107f0 = Create
FileW
[ 742:07b0] :LAUNCHER:WRAPPER: rtutils.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[ 742:07b0] :LAUNCHER:WRAPPER: rtutils.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[ 742:07b0] :LAUNCHER:WRAPPER: rtutils.dll -> KERNEL32.dll!0x7c80b55f = GetMod
uleFileNameA
[ 742:07b0] :LAUNCHER:WRAPPER: rtutils.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[ 742:07b0] :WRAPPER:LoadLibrary: RASAPI32.DLL, handle is 76ea0000
[ 742:07b0] :WRAPPER:LoadLibrary: RTUTILS.DLL, handle is 76e40000
[ 743:07b0] :WRAPPER:LoadLibrary: RASMAN.DLL, handle is 76e50000
[ 743:07b0] :WRAPPER:LoadLibrary: secur32.dll, handle is 77fc0000
[ 744:07b0] :WRAPPER: Search msapsspc.dll in NULL
[ 744:07b0] :WRAPPER: Search schannel.dll in NULL
[ 744:07b0] :WRAPPER: Search digest.dll in NULL
[ 744:07b0] :WRAPPER: Search msnsspc.dll in NULL
[ 744:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msv1_0.dll
[ 746:07b0] :LAUNCHER:WRAPPER: iphlpapi.dll -> KERNEL32.dll!0x7c8449fd = SetUn
[ 746:07b0] :LAUNCHER:WRAPPER: iphlpapi.dll -> KERNEL32.dll!0x7c80ac6e = FreeL
ibrary
[ 746:07b0] :LAUNCHER:WRAPPER: iphlpapi.dll -> KERNEL32.dll!0x7c8107f0 = Creat
eFileW
[ 746:07b0] :LAUNCHER:WRAPPER: iphlpapi.dll -> KERNEL32.dll!0x7c801a28 = Creat
eFileA
[ 746:07b0] :LAUNCHER:WRAPPER: iphlpapi.dll -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[ 746:07b0] :LAUNCHER:WRAPPER: iphlpapi.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
ocAddress
[ 746:07b0] :LAUNCHER:WRAPPER: iphlpapi.dll -> KERNEL32.dll!0x7c801d7b = LoadL
ibraryA
[ 746:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\msv1_0.dll -> KERNEL32.dll!
0x7c8449fd = SetUnhandledExceptionFilter
0x7c80e4cd = GetModuleHandleW
0x7c801d7b = LoadLibraryA
0x7c80aedb = LoadLibraryW
0x7c80ae30 = GetProcAddress
0x7c80ac6e = FreeLibrary
0x7c8107f0 = CreateFileW
0x7c810c1e = SetFilePointer
0x7c809bd7 = CloseHandle
[ 746:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msv1_0.dll, handle is 77
c40000
[ 753:07b0] :WRAPPER:LoadLibrary: sensapi.dll

[ 753:07b0] :LAUNCHER:WRAPPER: sensapi.dll -> KERNEL32.dll!0x7c80b995 = MapVie
wOfFile
[ 753:07b0] :LAUNCHER:WRAPPER: sensapi.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 753:07b0] :LAUNCHER:WRAPPER: sensapi.dll -> KERNEL32.dll!0x7c80ba04 = UnmapV
iewOfFile
[ 753:07b0] :WRAPPER:LoadLibrary: sensapi.dll, handle is 72250000
[ 755:07b0] :WRAPPER:LoadLibrary: ntdll.dll, handle is 7c910000
[ 755:07b0] :WRAPPER:FreeLibrary:7c910000, 'C:\WINDOWS\system32\ntdll.dll'
[ 755:07b0] :WRAPPER:LoadLibrary: SHELL32.dll, handle is 7e6a0000
[ 755:07b0] :WRAPPER:LoadLibrary: USERENV.dll, handle is 76630000
[ 757:07b0] :WRAPPER:LoadLibrary: netapi32.dll, handle is 597f0000
[ 757:07b0] :WRAPPER:FindFirstFileW C:\Documents and Settings\All Users\Datos
de programa\Microsoft\Network\Connections\Pbk\*.pbk
[ 758:07b0] :WRAPPER:LoadLibrary: shlwapi.dll, handle is 77f40000
[ 758:07b0] :WRAPPER:FreeLibrary:77f40000, 'C:\WINDOWS\system32\SHLWAPI.dll'
de programa\Microsoft\Network\Connections\Pbk\rasphone.pbk
[ 758:07b0] :WRAPPER:FindFirstFileW C:\WINDOWS\system32\Ras\*.pbk
[ 760:07b0] :WRAPPER:FindFirstFileW C:\Documents and Settings\CABINA9\Datos de
programa\Microsoft\Network\Connections\Pbk\*.pbk
[ 764:07b0] :WRAPPER:LoadLibrary: urlmon.dll
[ 768:07b0] :WRAPPER:LoadLibrary: comctl32.dll, handle is 773a0000
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c81cafa = ExitPro
cess
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c80ba04 = UnmapVi
ewOfFile
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c8094ee = CreateF
ileMappingA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c80b995 = MapView
OfFile
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c834ec9 = FindNex
tFileA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c8217d2 = SearchP
athA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c83644c = GetPriv
ateProfileIntA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c832b6e = GetPriv
ateProfileStringA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c813869 = FindFir
stFileA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c8115cc = GetFile
AttributesA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c801a28 = CreateF
ileA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c810c1e = SetFile
Pointer
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c801812 = ReadFil
e
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c810b07 = GetFile
Size
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c80ee67 = FindClo
se
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
ndle
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c801d53 = LoadLib
raryExA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c80b55f = GetModu
leFileNameA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c801d7b = LoadLib
raryA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c80b731 = GetModu
leHandleA
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
Address
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
rary
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c80aedb = LoadLib
raryW
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> ole32.dll!0x774d057e = CoCreateIn
stance
[ 769:07b0] :LAUNCHER:WRAPPER: urlmon.dll -> ole32.dll!0x774e56c5 = CoGetClass
Object
[ 769:07b0] :WRAPPER:LoadLibrary: urlmon.dll, handle is 7df20000
[ 771:07b0] :WRAPPER:LoadLibrary: WININET.dll, handle is 77180000
[ 771:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\System32\mswsock.dll
[ 771:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\System32\mswsock.dll -> KERNEL32.dll
!0x7c801812 = ReadFile
!0x7c801a28 = CreateFileA
!0x7c8449fd = SetUnhandledExceptionFilter
!0x7c8094ee = CreateFileMappingA
!0x7c80b995 = MapViewOfFile
!0x7c80ba04 = UnmapViewOfFile
!0x7c80ae30 = GetProcAddress
!0x7c80ac6e = FreeLibrary
!0x7c801d7b = LoadLibraryA
!0x7c80b55f = GetModuleFileNameA
!0x7c80aedb = LoadLibraryW
!0x7c809bd7 = CloseHandle
[ 772:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\System32\mswsock.dll, handle is 7
19d0000
[ 772:07b0] :WRAPPER:LoadLibrary: DNSAPI.dll
[ 773:07b0] :LAUNCHER:WRAPPER: DNSAPI.dll -> KERNEL32.dll!0x7c801af5 = LoadLib
raryExW
[ 773:07b0] :LAUNCHER:WRAPPER: DNSAPI.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
ndle
[ 773:07b0] :LAUNCHER:WRAPPER: DNSAPI.dll -> KERNEL32.dll!0x7c80b55f = GetModu
leFileNameA
[ 773:07b0] :LAUNCHER:WRAPPER: DNSAPI.dll -> KERNEL32.dll!0x7c80b731 = GetModu
leHandleA
[ 773:07b0] :LAUNCHER:WRAPPER: DNSAPI.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
Address
[ 773:07b0] :LAUNCHER:WRAPPER: DNSAPI.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
rary
[ 773:07b0] :LAUNCHER:WRAPPER: DNSAPI.dll -> KERNEL32.dll!0x7c801d7b = LoadLib
raryA
[ 773:07b0] :LAUNCHER:WRAPPER: DNSAPI.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
[ 773:07b0] :WRAPPER:LoadLibrary: DNSAPI.dll, handle is 76ee0000
[ 773:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\System32\winrnr.dll
[ 774:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\System32\winrnr.dll -> KERNEL32.dll!
[ 774:07b0] :LAUNCHER:WRAPPER: WLDAP32.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[ 774:07b0] :LAUNCHER:WRAPPER: WLDAP32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[ 774:07b0] :LAUNCHER:WRAPPER: WLDAP32.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[ 774:07b0] :LAUNCHER:WRAPPER: WLDAP32.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[ 774:07b0] :LAUNCHER:WRAPPER: WLDAP32.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 774:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\System32\winrnr.dll, handle is 76
f70000
19d0000
[ 775:07b0] :WRAPPER:LoadLibrary: rasadhlp.dll
[ 775:07b0] :LAUNCHER:WRAPPER: rasadhlp.dll -> KERNEL32.dll!0x7c8449fd = SetUn
[ 775:07b0] :LAUNCHER:WRAPPER: rasadhlp.dll -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[ 775:07b0] :LAUNCHER:WRAPPER: rasadhlp.dll -> KERNEL32.dll!0x7c80aedb = LoadL
ibraryW
[ 775:07b0] :LAUNCHER:WRAPPER: rasadhlp.dll -> KERNEL32.dll!0x7c80ac6e = FreeL
ibrary
[ 775:07b0] :LAUNCHER:WRAPPER: rasadhlp.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
ocAddress
[ 775:07b0] :WRAPPER:LoadLibrary: rasadhlp.dll, handle is 76f80000
[ 775:07b0] :WRAPPER:LoadLibrary: iphlpapi.dll, handle is 76d20000
[ 776:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\mswsock.dll, handle is 7
19d0000
[ 776:07b0] :WRAPPER:LoadLibrary: hnetcfg.dll
[ 776:07b0] :LAUNCHER:WRAPPER: hnetcfg.dll -> KERNEL32.dll!0x7c80e4cd = GetMod
uleHandleW
[ 776:07b0] :LAUNCHER:WRAPPER: hnetcfg.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[ 776:07b0] :LAUNCHER:WRAPPER: hnetcfg.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[ 776:07b0] :LAUNCHER:WRAPPER: hnetcfg.dll -> KERNEL32.dll!0x7c8107f0 = Create
FileW
[ 776:07b0] :LAUNCHER:WRAPPER: hnetcfg.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[ 776:07b0] :LAUNCHER:WRAPPER: hnetcfg.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[ 776:07b0] :LAUNCHER:WRAPPER: hnetcfg.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[ 776:07b0] :LAUNCHER:WRAPPER: hnetcfg.dll -> KERNEL32.dll!0x7c801af5 = LoadLi
braryExW
[ 776:07b0] :LAUNCHER:WRAPPER: hnetcfg.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 776:07b0] :WRAPPER:LoadLibrary: hnetcfg.dll, handle is 66740000
19d0000
[ 776:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\System32\wshtcpip.dll
[ 777:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\System32\wshtcpip.dll -> KERNEL32.dl
l!0x7c8449fd = SetUnhandledExceptionFilter
[ 777:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\System32\wshtcpip.dll, handle is
71a10000
7043f)
[ 1501:07b0] :BOX: ReadFile 0x008fecb4 <- 0x10000 bytes at 0x0 'TRAINER V4.EXE'
E'
RAINER V4.EXE'
[ 1509:07b0] :BOX: ReadFile 0x008fecb4 <- 0x10000 bytes at 0xffec 'TRAINER V4.E
XE'
.EXE'
RAINER V4.EXE'
[ 1515:07b0] :BOX: ReadFile 0x008fecb4 <- 0x10000 bytes at 0x1ffd8 'TRAINER V4.
EXE'
4.EXE'
RAINER V4.EXE'
[ 1520:07b0] :BOX: ReadFile 0x008fecb4 <- 0x10000 bytes at 0x2ffc4 'TRAINER V4.
EXE'
4.EXE'
RAINER V4.EXE'
[ 1528:07b0] :BOX: ReadFile 0x008fecb4 <- 0x10000 bytes at 0x3ffb0 'TRAINER V4.
EXE'
4.EXE'
RAINER V4.EXE'
[ 1533:07b0] :BOX: ReadFile 0x008fecb4 <- 0x10000 bytes at 0x4ff9c 'TRAINER V4.
EXE'
4.EXE'
[ 1544:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x5e014 'TRAINER V4.E
XE'
EXE'
RAINER V4.EXE'
[ 1544:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x200 bytes at 0x5e028 'TRAINER V4.EX
E'
E'
RAINER V4.EXE'
[ 1544:07b0] :BOX: SetFilePointer(OK): SET 385207(0x5e0b7)/0x57043f, 0x5e228->0
[ 1544:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x200 bytes at 0x5e0b7 'TRAINER V4.EX
E'
[ 1544:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0x5e0b7 'TRAINER V4.EX
E'
[ 1544:07b0] :BOX: SetFilePointer(OK): CUR 0(0x0)/0x57043f, 0x5e2b7->0x5e2b7 'T
RAINER V4.EXE'
[ 1544:07b0] :BOX: SetFilePointer(OK): SET 774007(0xbcf77)/0x57043f, 0x5e2b7->0
[ 1544:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x200 bytes at 0xbcf77 'TRAINER V4.EX
E'
[ 1550:07b0] :BOX: ReadFile(OK) 0x200 wasread 0x200 offs 0xbcf77 'TRAINER V4.EX
E'
[ 1550:07b0] :BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0xbd177 'TRAINER V4.E
XE'
[ 1555:07b0] :BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0xbd177 'TRAINER V4.
EXE'
[ 1555:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0xcc177 'TRAINER V4.E
XE'
[ 1555:07b0] :BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0xcc177 'TRAINER V4.
EXE'
[ 1559:07b0] :BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0xcd177 'TRAINER V4.E
XE'
[ 1565:07b0] :BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0xcd177 'TRAINER V4.
EXE'
[ 1565:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0xdc177 'TRAINER V4.E
XE'
[ 1565:07b0] :BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0xdc177 'TRAINER V4.
EXE'
[ 1569:07b0] :BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0xdd177 'TRAINER V4.E
XE'
[ 1574:07b0] :BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0xdd177 'TRAINER V4.
EXE'
[ 1574:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0xec177 'TRAINER V4.E
XE'
[ 1574:07b0] :BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0xec177 'TRAINER V4.
EXE'
[ 1578:07b0] :BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0xed177 'TRAINER V4.E
XE'
[ 1583:07b0] :BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0xed177 'TRAINER V4.
EXE'
[ 1583:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0xfc177 'TRAINER V4.E
XE'
[ 1583:07b0] :BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0xfc177 'TRAINER V4.
EXE'
[ 1587:07b0]
XE'
[ 1592:07b0]
EXE'
[ 1592:07b0]
EXE'
[ 1592:07b0]
.EXE'
[ 1596:07b0]
EXE'
[ 1601:07b0]
.EXE'
[ 1601:07b0]
EXE'
[ 1601:07b0]
.EXE'
[ 1605:07b0]
EXE'
[ 1610:07b0]
.EXE'
[ 1610:07b0]
EXE'
[ 1610:07b0]
.EXE'
[ 1614:07b0]
EXE'
[ 1619:07b0]
.EXE'
[ 1619:07b0]
EXE'
[ 1619:07b0]
.EXE'
[ 1623:07b0]
EXE'
[ 1629:07b0]
.EXE'
[ 1629:07b0]
EXE'
[ 1629:07b0]
.EXE'
[ 1633:07b0]
EXE'
[ 1638:07b0]
.EXE'
[ 1638:07b0]
EXE'
[ 1638:07b0]
.EXE'
[ 1642:07b0]
EXE'
[ 1647:07b0]
.EXE'
[ 1647:07b0]
EXE'
[ 1647:07b0]
.EXE'
[ 1651:07b0]
EXE'
[ 1656:07b0]
.EXE'
:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0xfd177 'TRAINER V4.E

:BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0xfd177 'TRAINER V4.
:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x10c177 'TRAINER V4.
:BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x10c177 'TRAINER V4
:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x10d177 'TRAINER V4.
:BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0x10d177 'TRAINER V4
[ 1656:07b0]
EXE'
[ 1656:07b0]
.EXE'
[ 1660:07b0]
EXE'
[ 1665:07b0]
.EXE'
[ 1665:07b0]
EXE'
[ 1665:07b0]
.EXE'
[ 1669:07b0]
EXE'
[ 1674:07b0]
.EXE'
[ 1674:07b0]
EXE'
[ 1674:07b0]
.EXE'
[ 1678:07b0]
EXE'
[ 1683:07b0]
.EXE'
[ 1683:07b0]
EXE'
[ 1683:07b0]
.EXE'
[ 1687:07b0]
EXE'
[ 1692:07b0]
.EXE'
[ 1692:07b0]
EXE'
[ 1692:07b0]
.EXE'
[ 1696:07b0]
EXE'
[ 1701:07b0]
.EXE'
[ 1701:07b0]
EXE'
[ 1701:07b0]
.EXE'
[ 1705:07b0]
EXE'
[ 1710:07b0]
.EXE'
[ 1710:07b0]
EXE'
[ 1710:07b0]
.EXE'
[ 1714:07b0]
EXE'
[ 1719:07b0]
.EXE'
[ 1719:07b0]
EXE'
[ 1719:07b0]
.EXE'

:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x1ac177 'TRAINER V4.
:BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x1ac177 'TRAINER V4
:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x1ad177 'TRAINER V4.
:BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0x1ad177 'TRAINER V4
:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x1bc177 'TRAINER V4.
:BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x1bc177 'TRAINER V4
:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x1bd177 'TRAINER V4.
:BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0x1bd177 'TRAINER V4
:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x1cc177 'TRAINER V4.
:BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x1cc177 'TRAINER V4
:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x1cd177 'TRAINER V4.
:BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0x1cd177 'TRAINER V4
:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x1dc177 'TRAINER V4.
:BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x1dc177 'TRAINER V4
:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x1dd177 'TRAINER V4.
:BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0x1dd177 'TRAINER V4
:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x1ec177 'TRAINER V4.
:BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x1ec177 'TRAINER V4
[ 1723:07b0]
EXE'
[ 1728:07b0]
.EXE'
[ 1728:07b0]
EXE'
[ 1728:07b0]
.EXE'
[ 1732:07b0]
EXE'
[ 1737:07b0]
.EXE'
[ 1737:07b0]
EXE'
[ 1737:07b0]
.EXE'
[ 1741:07b0]
EXE'
[ 1746:07b0]
.EXE'
[ 1746:07b0]
EXE'
[ 1746:07b0]
.EXE'
[ 1750:07b0]
EXE'
[ 1755:07b0]
.EXE'
[ 1755:07b0]
EXE'
[ 1755:07b0]
.EXE'
[ 1759:07b0]
EXE'
[ 1764:07b0]
.EXE'
[ 1764:07b0]
EXE'
[ 1764:07b0]
.EXE'
[ 1768:07b0]
EXE'
[ 1773:07b0]
.EXE'
[ 1773:07b0]
EXE'
[ 1773:07b0]
.EXE'
[ 1777:07b0]
EXE'
[ 1782:07b0]
.EXE'
[ 1782:07b0]
EXE'
[ 1782:07b0]
.EXE'
[ 1786:07b0]
EXE'
[ 1791:07b0]
.EXE'
:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x1ed177 'TRAINER V4.

:BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0x1ed177 'TRAINER V4
:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x1fc177 'TRAINER V4.
:BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x1fc177 'TRAINER V4
:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x1fd177 'TRAINER V4.
:BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0x1fd177 'TRAINER V4
[ 1791:07b0]
EXE'
[ 1791:07b0]
.EXE'
[ 1794:07b0]
EXE'
[ 1800:07b0]
.EXE'
[ 1800:07b0]
EXE'
[ 1800:07b0]
.EXE'
[ 1804:07b0]
EXE'
[ 1809:07b0]
.EXE'
[ 1809:07b0]
EXE'
[ 1809:07b0]
.EXE'
[ 1813:07b0]
EXE'
[ 1818:07b0]
.EXE'
[ 1818:07b0]
EXE'
[ 1818:07b0]
.EXE'
[ 1822:07b0]
EXE'
[ 1827:07b0]
.EXE'
[ 1827:07b0]
EXE'
[ 1827:07b0]
.EXE'
[ 1831:07b0]
EXE'
[ 1836:07b0]
.EXE'
[ 1836:07b0]
EXE'
[ 1836:07b0]
.EXE'
[ 1840:07b0]
EXE'
[ 1845:07b0]
.EXE'
[ 1845:07b0]
EXE'
[ 1845:07b0]
.EXE'
[ 1849:07b0]
EXE'
[ 1854:07b0]
.EXE'
[ 1854:07b0]
EXE'
[ 1854:07b0]
.EXE'

[ 1858:07b0]
EXE'
[ 1863:07b0]
.EXE'
[ 1863:07b0]
EXE'
[ 1863:07b0]
.EXE'
[ 1867:07b0]
EXE'
[ 1872:07b0]
.EXE'
[ 1872:07b0]
EXE'
[ 1872:07b0]
.EXE'
[ 1876:07b0]
EXE'
[ 1881:07b0]
.EXE'
[ 1881:07b0]
EXE'
[ 1881:07b0]
.EXE'
[ 1884:07b0]
EXE'
[ 1889:07b0]
.EXE'
[ 1889:07b0]
EXE'
[ 1889:07b0]
.EXE'
[ 1893:07b0]
EXE'
[ 1898:07b0]
.EXE'
[ 1898:07b0]
EXE'
[ 1898:07b0]
.EXE'
[ 1902:07b0]
EXE'
[ 1907:07b0]
.EXE'
[ 1907:07b0]
EXE'
[ 1907:07b0]
.EXE'
[ 1911:07b0]
EXE'
[ 1916:07b0]
.EXE'
[ 1916:07b0]
EXE'
[ 1916:07b0]
.EXE'
[ 1920:07b0]
EXE'
[ 1925:07b0]
.EXE'

[ 1925:07b0]
EXE'
[ 1925:07b0]
.EXE'
[ 1929:07b0]
EXE'
[ 1934:07b0]
.EXE'
[ 1934:07b0]
EXE'
[ 1934:07b0]
.EXE'
[ 1938:07b0]
EXE'
[ 1943:07b0]
.EXE'
[ 1943:07b0]
EXE'
[ 1943:07b0]
.EXE'
[ 1947:07b0]
EXE'
[ 1952:07b0]
.EXE'
[ 1952:07b0]
EXE'
[ 1952:07b0]
.EXE'
[ 1956:07b0]
EXE'
[ 1961:07b0]
.EXE'
[ 1961:07b0]
EXE'
[ 1961:07b0]
.EXE'
[ 1965:07b0]
EXE'
[ 1970:07b0]
.EXE'
[ 1970:07b0]
EXE'
[ 1970:07b0]
.EXE'
[ 1974:07b0]
EXE'
[ 1979:07b0]
.EXE'
[ 1979:07b0]
EXE'
[ 1979:07b0]
.EXE'
[ 1983:07b0]
EXE'
[ 1988:07b0]
.EXE'
[ 1988:07b0]
EXE'
[ 1988:07b0]
.EXE'

[ 1992:07b0]
EXE'
[ 1998:07b0]
.EXE'
[ 1998:07b0]
EXE'
[ 1998:07b0]
.EXE'
[ 2001:07b0]
EXE'
[ 2007:07b0]
.EXE'
[ 2007:07b0]
EXE'
[ 2007:07b0]
.EXE'
[ 2011:07b0]
EXE'
[ 2016:07b0]
.EXE'
[ 2016:07b0]
EXE'
[ 2016:07b0]
.EXE'
[ 2020:07b0]
EXE'
[ 2025:07b0]
.EXE'
[ 2025:07b0]
EXE'
[ 2025:07b0]
.EXE'
[ 2029:07b0]
EXE'
[ 2034:07b0]
.EXE'
[ 2034:07b0]
EXE'
[ 2034:07b0]
.EXE'
[ 2038:07b0]
EXE'
[ 2043:07b0]
.EXE'
[ 2043:07b0]
EXE'
[ 2043:07b0]
.EXE'
[ 2047:07b0]
EXE'
[ 2051:07b0]
.EXE'
[ 2052:07b0]
EXE'
[ 2052:07b0]
.EXE'
[ 2055:07b0]
EXE'
[ 2061:07b0]
.EXE'

[ 2061:07b0]
EXE'
[ 2061:07b0]
.EXE'
[ 2064:07b0]
EXE'
[ 2069:07b0]
.EXE'
[ 2069:07b0]
EXE'
[ 2069:07b0]
.EXE'
[ 2073:07b0]
EXE'
[ 2078:07b0]
.EXE'
[ 2078:07b0]
EXE'
[ 2078:07b0]
.EXE'
[ 2082:07b0]
EXE'
[ 2087:07b0]
.EXE'
[ 2087:07b0]
EXE'
[ 2087:07b0]
.EXE'
[ 2090:07b0]
EXE'
[ 2095:07b0]
.EXE'
[ 2095:07b0]
EXE'
[ 2095:07b0]
.EXE'
[ 2099:07b0]
EXE'
[ 2104:07b0]
.EXE'
[ 2104:07b0]
EXE'
[ 2104:07b0]
.EXE'
[ 2108:07b0]
EXE'
[ 2113:07b0]
.EXE'
[ 2113:07b0]
EXE'
[ 2113:07b0]
.EXE'
[ 2117:07b0]
EXE'
[ 2122:07b0]
.EXE'
[ 2122:07b0]
EXE'
[ 2122:07b0]
.EXE'

[ 2126:07b0]
EXE'
[ 2131:07b0]
.EXE'
[ 2131:07b0]
EXE'
[ 2131:07b0]
.EXE'
[ 2135:07b0]
EXE'
[ 2140:07b0]
.EXE'
[ 2140:07b0]
EXE'
[ 2140:07b0]
.EXE'
[ 2143:07b0]
EXE'
[ 2149:07b0]
.EXE'
[ 2149:07b0]
EXE'
[ 2149:07b0]
.EXE'
[ 2152:07b0]
EXE'
[ 2157:07b0]
.EXE'
[ 2157:07b0]
EXE'
[ 2158:07b0]
.EXE'
[ 2161:07b0]
EXE'
[ 2166:07b0]
.EXE'
[ 2166:07b0]
EXE'
[ 2166:07b0]
.EXE'
[ 2170:07b0]
EXE'
[ 2175:07b0]
.EXE'
[ 2175:07b0]
EXE'
[ 2175:07b0]
.EXE'
[ 2179:07b0]
EXE'
[ 2184:07b0]
.EXE'
[ 2184:07b0]
EXE'
[ 2184:07b0]
.EXE'
[ 2188:07b0]
EXE'
[ 2193:07b0]
.EXE'

[ 2193:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x53c177 'TRAINER V4.
EXE'
[ 2193:07b0] :BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x53c177 'TRAINER V4
.EXE'
[ 2197:07b0] :BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x53d177 'TRAINER V4.
EXE'
[ 2202:07b0] :BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0x53d177 'TRAINER V4
.EXE'
EXE'
.EXE'
[ 2206:07b0] :BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x54d177 'TRAINER V4.
EXE'
[ 2211:07b0] :BOX: ReadFile(OK) 0xf000 wasread 0xf000 offs 0x54d177 'TRAINER V4
.EXE'
EXE'
.EXE'
[ 2215:07b0] :BOX: ReadFile 0x008ff03b <- 0x9000 bytes at 0x55d177 'TRAINER V4.
EXE'
[ 2220:07b0] :BOX: ReadFile(OK) 0x9000 wasread 0x9000 offs 0x55d177 'TRAINER V4
.EXE'
[ 2220:07b0] :BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x566177 'TRAINER V4.
EXE'
[ 2220:07b0] :BOX: ReadFile(OK) 0x1000 wasread 0x1000 offs 0x566177 'TRAINER V4
.EXE'
[ 2234:0ca0] :WRAPPER: Search wdmaud.drv in NULL
[ 2235:0ca0] :WRAPPER:LoadLibrary: wdmaud.drv
[ 2235:0ca0] :LAUNCHER:WRAPPER: wdmaud.drv -> KERNEL32.dll!0x7c809bd7 = CloseHa
ndle
[ 2235:0ca0] :LAUNCHER:WRAPPER: wdmaud.drv -> KERNEL32.dll!0x7c80ac6e = FreeLib
rary
[ 2235:0ca0] :LAUNCHER:WRAPPER: wdmaud.drv -> KERNEL32.dll!0x7c80ae30 = GetProc
Address
[ 2235:0ca0] :LAUNCHER:WRAPPER: wdmaud.drv -> KERNEL32.dll!0x7c80aedb = LoadLib
raryW
[ 2235:0ca0] :LAUNCHER:WRAPPER: wdmaud.drv -> KERNEL32.dll!0x7c80b995 = MapView
OfFile
[ 2235:0ca0] :LAUNCHER:WRAPPER: wdmaud.drv -> KERNEL32.dll!0x7c809420 = CreateF
ileMappingW
[ 2235:0ca0] :LAUNCHER:WRAPPER: wdmaud.drv -> KERNEL32.dll!0x7c8107f0 = CreateF
ileW
[ 2235:0ca0] :LAUNCHER:WRAPPER: wdmaud.drv -> KERNEL32.dll!0x7c80ba04 = UnmapVi
ewOfFile
[ 2235:0ca0] :LAUNCHER:WRAPPER: wdmaud.drv -> KERNEL32.dll!0x7c8449fd = SetUnha
[ 2235:0ca0] :WRAPPER:LoadLibrary: wdmaud.drv, handle is 72ca0000
[ 2235:0ca0] :WRAPPER:LoadLibrary: setupapi.dll, handle is 778f0000
[ 2236:0ca0] :WRAPPER:LoadLibrary: WINTRUST.dll
[ 2236:0ca0] :LAUNCHER:WRAPPER: IMAGEHLP.dll -> KERNEL32.dll!0x7c8115cc = GetFi
leAttributesA
[ 2236:0ca0] :LAUNCHER:WRAPPER: IMAGEHLP.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
ocAddress
[ 2236:0ca0] :LAUNCHER:WRAPPER: IMAGEHLP.dll -> KERNEL32.dll!0x7c80b731 = GetMo
duleHandleA
[ 2236:0ca0] :LAUNCHER:WRAPPER: IMAGEHLP.dll -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[ 2236:0ca0] :LAUNCHER:WRAPPER:
ViewOfFile
eFileMappingA
leSize
ewOfFile
eFileA
ibraryA
duleFileNameA
lePointer
hPathA
ibrary
eFileW
leAttributesW
ibrary
ocAddress
ibraryA
ile
lePointer
duleHandleA
leSize
ViewOfFile
ewOfFile
eFileMappingA
lose
eFileA
eFileW
leAttributesA
leAttributesW
IMAGEHLP.dll -> KERNEL32.dll!0x7c80ba04 = Unmap

IMAGEHLP.dll -> KERNEL32.dll!0x7c8094ee = Creat
IMAGEHLP.dll -> KERNEL32.dll!0x7c810b07 = GetFi
IMAGEHLP.dll -> KERNEL32.dll!0x7c80b995 = MapVi
IMAGEHLP.dll -> KERNEL32.dll!0x7c801a28 = Creat
IMAGEHLP.dll -> KERNEL32.dll!0x7c801d7b = LoadL
IMAGEHLP.dll -> KERNEL32.dll!0x7c80b55f = GetMo
IMAGEHLP.dll -> KERNEL32.dll!0x7c810c1e = SetFi
IMAGEHLP.dll -> KERNEL32.dll!0x7c8217d2 = Searc
IMAGEHLP.dll -> KERNEL32.dll!0x7c8449fd = SetUn
IMAGEHLP.dll -> KERNEL32.dll!0x7c80ac6e = FreeL
IMAGEHLP.dll -> KERNEL32.dll!0x7c8107f0 = Creat
IMAGEHLP.dll -> KERNEL32.dll!0x7c80b7dc = GetFi
WINTRUST.dll -> KERNEL32.dll!0x7c80ac6e = FreeL
WINTRUST.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
WINTRUST.dll -> KERNEL32.dll!0x7c801d7b = LoadL
WINTRUST.dll -> KERNEL32.dll!0x7c801812 = ReadF
WINTRUST.dll -> KERNEL32.dll!0x7c810c1e = SetFi
WINTRUST.dll -> KERNEL32.dll!0x7c8449fd = SetUn
WINTRUST.dll -> KERNEL32.dll!0x7c80b731 = GetMo
WINTRUST.dll -> KERNEL32.dll!0x7c810b07 = GetFi
WINTRUST.dll -> KERNEL32.dll!0x7c80ba04 = Unmap
WINTRUST.dll -> KERNEL32.dll!0x7c80b995 = MapVi
WINTRUST.dll -> KERNEL32.dll!0x7c8094ee = Creat
WINTRUST.dll -> KERNEL32.dll!0x7c80ee67 = FindC
WINTRUST.dll -> KERNEL32.dll!0x7c801a28 = Creat
WINTRUST.dll -> KERNEL32.dll!0x7c8107f0 = Creat
WINTRUST.dll -> KERNEL32.dll!0x7c8115cc = GetFi
WINTRUST.dll -> KERNEL32.dll!0x7c80b7dc = GetFi
WINTRUST.dll -> KERNEL32.dll!0x7c80aedb = LoadL
ibraryW
[ 2237:0ca0] :LAUNCHER:WRAPPER: WINTRUST.dll -> KERNEL32.dll!0x7c813869 = FindF
irstFileA
[ 2237:0ca0] :LAUNCHER:WRAPPER: WINTRUST.dll -> KERNEL32.dll!0x7c80ef71 = FindF
irstFileW
[ 2237:0ca0] :LAUNCHER:WRAPPER: WINTRUST.dll -> KERNEL32.dll!0x7c834ec9 = FindN
extFileA
[ 2237:0ca0] :LAUNCHER:WRAPPER: WINTRUST.dll -> KERNEL32.dll!0x7c80efca = FindN
extFileW
[ 2237:0ca0] :LAUNCHER:WRAPPER: WINTRUST.dll -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[ 2237:0ca0] :WRAPPER:LoadLibrary: WINTRUST.dll, handle is 76bf0000
[ 2237:0ca0] :WRAPPER:FreeLibrary:778f0000, 'C:\WINDOWS\system32\SETUPAPI.dll'
[ 2252:0ca0] :WRAPPER:FreeLibrary:72ca0000, 'C:\WINDOWS\system32\wdmaud.drv'
[ 2256:0ca0] :WRAPPER:FreeLibrary:72ca0000, 'C:\WINDOWS\system32\wdmaud.drv'
[ 2259:0ca0] :WRAPPER:LoadLibrary: msacm32.drv
[ 2260:0ca0] :LAUNCHER:WRAPPER: msacm32.drv -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 2260:0ca0] :LAUNCHER:WRAPPER: MSACM32.dll -> KERNEL32.dll!0x7c80ba04 = UnmapV
iewOfFile
[ 2260:0ca0] :LAUNCHER:WRAPPER: MSACM32.dll -> KERNEL32.dll!0x7c809420 = Create
FileMappingW
[ 2260:0ca0] :LAUNCHER:WRAPPER: MSACM32.dll -> KERNEL32.dll!0x7c80b995 = MapVie
wOfFile
[ 2260:0ca0] :LAUNCHER:WRAPPER: MSACM32.dll -> KERNEL32.dll!0x7c80e4cd = GetMod
uleHandleW
[ 2260:0ca0] :LAUNCHER:WRAPPER: MSACM32.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[ 2260:0ca0] :LAUNCHER:WRAPPER: MSACM32.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 2260:0ca0] :LAUNCHER:WRAPPER: MSACM32.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[ 2261:0ca0] :WRAPPER:LoadLibrary: msacm32.drv, handle is 72c90000
[ 2261:0ca0] :WRAPPER:FreeLibrary:72c90000, 'C:\WINDOWS\system32\msacm32.drv'
[ 2266:0ca0] :WRAPPER:LoadLibrary: midimap.dll

[ 2266:0ca0] :LAUNCHER:WRAPPER: midimap.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[ 2266:0ca0] :LAUNCHER:WRAPPER: midimap.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 2266:0ca0] :WRAPPER:LoadLibrary: midimap.dll, handle is 77ba0000
[ 2266:0ca0] :WRAPPER:FreeLibrary:77ba0000, 'C:\WINDOWS\system32\midimap.dll'
[ 2267:07b0] :WRAPPER: Search mciqtz32.dll in NULL
[ 2267:07b0] :WRAPPER:LoadLibrary: mciqtz32.dll
[ 2268:07b0] :LAUNCHER:WRAPPER: mciqtz32.dll -> KERNEL32.dll!0x7c80e4cd = GetMo
duleHandleW
[ 2268:07b0] :LAUNCHER:WRAPPER: mciqtz32.dll -> KERNEL32.dll!0x7c8449fd = SetUn
[ 2268:07b0] :LAUNCHER:WRAPPER: mciqtz32.dll -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[ 2268:07b0] :LAUNCHER:WRAPPER: mciqtz32.dll -> ole32.dll!0x774d057e = CoCreate
Instance
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c832b6e = GetPriv
ateProfileStringA
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c810b07 = GetFile
Size
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c809420 = CreateF
ileMappingW
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c80b995 = MapView
OfFile
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c80ba04 = UnmapVi
ewOfFile
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c810cfd = GetFile
InformationByHandle
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c8107f0 = CreateF
ileW
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c810c1e = SetFile
Pointer
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c801812 = ReadFil
e
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c80b731 = GetModu
leHandleA
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c80aedb = LoadLib
raryW
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c80e4cd = GetModu
leHandleW
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c809bd7 = CloseHa
ndle
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c8449fd = SetUnha
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c801d7b = LoadLib
raryA
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c80ac6e = FreeLib
rary
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c80ae30 = GetProc
Address
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> KERNEL32.dll!0x7c80b55f = GetModu
leFileNameA
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> ole32.dll!0x774d057e = CoCreateIn
stance
[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> OLEAUT32.dll!0x770f9d5a = LoadReg

TypeLib
[ 2268:07b0] :WRAPPER:LoadLibrary: mciqtz32.dll, handle is 621f0000
[ 2269:07b0] :WRAPPER: Search MCIAVI.mci in NULL
[ 2269:07b0] :WRAPPER: Search MPEGVide.mci in NULL
[ 2269:07b0] :WRAPPER:CoCreateInstance: {e436ebb3-524f-11ce-9f53-0020af0ba770}
[ 2269:07b0] :WRAPPER:CoCreateInstance/RIID: {56a8689f-0ad4-11ce-b03a-0020af0ba
770}
[ 2269:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\quartz.dll
[ 2269:07b0] :WRAPPER:LoadLibrary: CLBCATQ.DLL
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c801af5 = LoadLi
braryExW
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80b55f = GetMod
uleFileNameA
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c801a28 = Create
FileA
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80e4cd = GetMod
uleHandleW
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c8115cc = GetFil
eAttributesA
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c8094ee = Create
FileMappingA
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80b731 = GetMod
uleHandleA
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c801812 = ReadFi
le
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80ef71 = FindFi
rstFileW
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80efca = FindNe
xtFileW
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80ee67 = FindCl
ose
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80b7dc = GetFil
eAttributesW
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c8449fd = SetUnh
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c810c1e = SetFil
ePointer
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c8107f0 = Create
FileW
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80e76c = Search
PathW
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c809420 = Create
FileMappingW
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80b995 = MapVie
wOfFile
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80ba04 = UnmapV
iewOfFile
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> ole32.dll!0x774d0526 = CoCreateI
nstanceEx
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> ole32.dll!0x774d057e = CoCreateI
nstance
[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> OLEAUT32.dll!0x770f9d5a = LoadRe

gTypeLib
[ 2270:07b0] :WRAPPER:LoadLibrary: CLBCATQ.DLL, handle is 76f90000
[ 2270:07b0] :WRAPPER:LoadLibrary: CLBCATQ.DLL, handle is 76f90000
[ 2272:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\quartz.dll, handle is 74
7a0000
[ 2272:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\QUARTZ.dll
[ 2272:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\QUARTZ.dll, handle is 74
7a0000
[ 2273:0b60] :WRAPPER:CoCreateInstance: {cda42200-bd88-11d0-bd4e-00a0c911ce86}
[ 2273:0b60] :WRAPPER:CoCreateInstance/RIID: {00000000-0000-0000-c000-000000000
046}
[ 2274:0b60] :WRAPPER:CoCreateInstance: {e436ebb5-524f-11ce-9f53-0020af0ba770}
[ 2274:0b60] :WRAPPER:CoCreateInstance/RIID: {56a86895-0ad4-11ce-b03a-0020af0ba
770}
[ 2307:07b0] :WRAPPER:CoCreateInstance: {4315d437-5b8c-11d0-bd3b-00a0c911ce86}
[ 2307:07b0] :WRAPPER:CoCreateInstance/RIID: {0000011a-0000-0000-c000-000000000
046}
[ 2307:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\devenum.dll
[ 2308:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\devenum.dll
[ 2308:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\devenum.dll -> KERNEL32.dll
!0x7c80e4cd = GetModuleHandleW
!0x7c80aedb = LoadLibraryW
!0x7c801af5 = LoadLibraryExW
[ 2308:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\devenum.dll -> ole32.dll!0x
774d057e = CoCreateInstance
[ 2308:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\devenum.dll, handle is 7
6600000
[ 2309:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\devenum.dll, handle is 7
6600000
[ 2309:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\devenum.dll
[ 2309:07b0] :WRAPPER:CoCreateInstanceEx: {00000000-0000-0000-0000-000000000000
}
[ 2309:07b0] :WRAPPER:(80070057)CoCreateInstanceEx
[ 2310:07b0] :WRAPPER:LoadLibrary: oleaut32.dll, handle is 770f0000
[ 2310:0b60] :WRAPPER:CoCreateInstanceEx: {00000000-0000-0000-0000-000000000000
}
[ 2310:0b60] :WRAPPER:(80070057)CoCreateInstanceEx
[ 2310:0b60] :WRAPPER:CoCreateInstance: {336475d0-942a-11ce-a870-00aa002feab5}
046}
046}
[ 2343:0b60] :WRAPPER:CoCreateInstance: {4a2286e0-7bef-11ce-9bd9-0000e202599c}
046}
046}
[ 2344:0b60] :WRAPPER:CoCreateInstance: {38be3000-dbf4-11d0-860e-00a024cfef6d}
046}
[ 2345:0b60] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\l3codecx.ax
[ 2345:0b60] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\l3codecx.ax
[ 2346:0b60] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\l3codecx.ax -> KERNEL32.dll
[ 2346:0b60] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\l3codecx.ax -> KERNEL32.dll
[ 2346:0b60] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\l3codecx.ax -> ole32.dll!0x
[ 2346:0b60] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\l3codecx.ax, handle is 7
2c50000
[ 2346:0b60] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\l3codecx.ax, handle is 7
2c50000
[ 2346:0b60] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\l3codecx.ax
046}
[ 2347:0b60] :WRAPPER:CoCreateInstance: {79376820-07d0-11cf-a24d-0020afd79767}
046}
[ 2348:07b0] :WRAPPER:LoadLibrary: DSOUND.DLL
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c809bd7 = CloseHa
ndle
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c80e4cd = GetModu
leHandleW
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c810b07 = GetFile
Size
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c810c1e = SetFile
Pointer
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c801812 = ReadFil
e
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c8107f0 = CreateF
ileW
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c80ac6e = FreeLib
rary
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c80ae30 = GetProc
Address
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c80aedb = LoadLib
raryW
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c80ba04 = UnmapVi
ewOfFile
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c80b995 = MapView
OfFile
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c809420 = CreateF
ileMappingW
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> KERNEL32.dll!0x7c8449fd = SetUnha
[ 2348:07b0] :LAUNCHER:WRAPPER: DSOUND.DLL -> ole32.dll!0x774d057e = CoCreateIn
stance
[ 2349:07b0] :WRAPPER:LoadLibrary: DSOUND.DLL, handle is 73e90000

7043f)
[ 2349:07b0] :BOX: ReadFile 0x0090dcb4 <- 0x40 bytes at 0x0 'TRAINER V4.EXE'
[ 2354:07b0] :BOX: ReadFile(OK) 0x40 wasread 0x40 offs 0x0 'TRAINER V4.EXE'
[ 2354:07b0] :BOX: SetFilePointer(OK): SET 248(0xf8)/0x57043f, 0x40->0xf8 'TRAI
NER V4.EXE'
[ 2354:07b0] :BOX: ReadFile 0x0090dbac <- 0xf8 bytes at 0xf8 'TRAINER V4.EXE'
[ 2354:07b0] :BOX: ReadFile(OK) 0xf8 wasread 0xf8 offs 0xf8 'TRAINER V4.EXE'
[ 2354:07b0] :BOX: GetFileSize: 'TRAINER V4.EXE'
[ 2354:07b0] :WRAPPER:LoadLibrary: setupapi.dll, handle is 778f0000
[ 2355:07b0] :WRAPPER:FreeLibrary:778f0000, 'C:\WINDOWS\system32\SETUPAPI.dll'
[ 2368:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\System32\Drivers\RtkHDAud.sys
[ 2368:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\System32\Drivers\RtkHDAud.sys, ha
ndle is 03590001
[ 2368:07b0] :WRAPPER:FreeLibrary:03590001, '???'
ndle is 03590001
[ 2369:07b0] :WRAPPER:LoadLibrary: KsUser.dll
[ 2369:07b0] :WRAPPER:LoadLibrary: KsUser.dll, handle is 73e60000
[ 2375:07b0] :WRAPPER:LoadLibrary: DSOUND.DLL, handle is 73e90000
[ 2375:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\DSOUND.DLL
[ 2375:07b0] :WRAPPER:FreeLibrary:73e90000, 'C:\WINDOWS\system32\DSOUND.DLL'
[ 2376:07b0] :WRAPPER:CoCreateInstance: {1e651cc0-b199-11d0-8212-00c04fc32c45}
[ 2376:07b0] :WRAPPER:CoCreateInstance/RIID: {56a8689c-0ad4-11ce-b03a-0020af0ba
770}
[ 2377:07b0] :WRAPPER:CoCreateInstance: {060af76c-68dd-11d0-8fc1-00c04fd9189d}
046}
7043f)
[ 2378:07b0] :BOX: ReadFile 0x0090ee10 <- 0x40 bytes at 0x0 'TRAINER V4.EXE'
NER V4.EXE'
[ 2378:07b0] :BOX: ReadFile 0x0090ed08 <- 0xf8 bytes at 0xf8 'TRAINER V4.EXE'
[ 2378:07b0] :BOX: GetFileSize: 'TRAINER V4.EXE'
ndle is 03e90001
[ 2381:07b0] :WRAPPER:FreeLibrary:03e90001, '???'
ndle is 03e90001
[ 2382:07b0] :WRAPPER:FreeLibrary:03e90001, '???'

[ 3786:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\asycfilt.dll
[ 3787:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\asycfilt.dll -> KERNEL32.dl
[ 3787:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\asycfilt.dll, handle is
70e20000

[ 10588:07b0] :WRAPPER:LoadLibrary: GDIPlus.dll
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c801a28 = Create
FileA
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c81cafa = ExitPr
ocess
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c80b55f = GetMod
uleFileNameA
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c80e76c = Search
PathW
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c8217d2 = Search
PathA
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c809420 = Create

FileMappingW
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c8107f0 = Create
FileW
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c810c1e = SetFil
ePointer
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c801812 = ReadFi
le
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c8322d4 = Unlock
File
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c810cfd = GetFil
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c832379 = LockFi
le
[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c810b07 = GetFil
eSize
[ 10589:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c8094ee = Create
FileMappingA
[ 10589:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c80b995 = MapVie
wOfFile
[ 10589:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c80ba04 = UnmapV
iewOfFile
[ 10589:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c80b731 = GetMod
uleHandleA
[ 10589:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[ 10589:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[ 10589:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c80e4cd = GetMod
uleHandleW
[ 10589:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[ 10589:07b0] :WRAPPER:LoadLibrary: GDIPlus.dll, handle is 4eba0000
[ 10593:07b0] :WRAPPER:LoadLibrary: user32.dll, handle is 7e390000
[ 10593:07b0] :WRAPPER:FreeLibrary:7e390000, 'C:\WINDOWS\system32\USER32.dll'
[ 10593:07b0] :WRAPPER:LoadLibrary: gdi32.dll, handle is 77ef0000
[ 10593:07b0] :WRAPPER:FreeLibrary:77ef0000, 'C:\WINDOWS\system32\GDI32.dll'
[ 10626:07b0] :WRAPPER: Search C:\DOCUME~1\CABINA9\CONFIG~1\Temp\124\34.bmp in N
ULL
ULL
ULL
ULL
ULL
ULL
[ 13719:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\rundll32.exe
[ 13719:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\rundll32.exe, handle is
055d0001
[ 13719:07b0] :WRAPPER:FreeLibrary:055d0001, '???'
[ 13719:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\rundll32.exe
[ 13720:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\rundll32.exe, handle is
055d0001
[ 13720:07b0] :WRAPPER:FreeLibrary:055d0001, '???'
[ 13722:07b0] :WRAPPER:CoCreateInstance: {8856f961-340a-11d0-a96b-00c04fd705a2}
046}
[ 13722:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\shdocvw.dll
[ 13723:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\shdocvw.dll
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c80b995 = MapVie
wOfFile
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c801d53 = LoadLi
braryExA
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c80aedb = LoadLi
braryW
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c8094ee = Create
FileMappingA
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c809bd7 = CloseH
andle
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c80e4cd = GetMod
uleHandleW
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c80b731 = GetMod
uleHandleA
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c810c1e = SetFil
ePointer
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c801a28 = Create
FileA
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c810b07 = GetFil
eSize
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c80ba04 = UnmapV
iewOfFile
[ 13732:07b0] :LAUNCHER:WRAPPER: CRYPTUI.dll -> KERNEL32.dll!0x7c8107f0 = Create
FileW
[ 13732:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\shdocvw.dll -> KERNEL32.dll
!0x7c810c1e = SetFilePointer
!0x7c801812 = ReadFile
!0x7c810b07 = GetFileSize
!0x7c80ee67 = FindClose
!0x7c801a28 = CreateFileA
!0x7c81cafa = ExitProcess
!0x7c8449fd =
[ 13733:07b0]
!0x7c80aedb =
[ 13733:07b0]
!0x7c80e4cd =
[ 13733:07b0]
!0x7c801d7b =
[ 13733:07b0]
!0x7c80ac6e =
[ 13733:07b0]
!0x7c80b731 =
[ 13733:07b0]
!0x7c80ae30 =
[ 13733:07b0]
!0x7c801d53 =
[ 13733:07b0]
!0x7c809bd7 =
[ 13733:07b0]
e210000
[ 13735:07b0]
e210000
[ 13735:07b0]
[ 13735:07b0]
[ 13736:07b0]
[ 13736:07b0]
[ 13736:07b0]
[ 13736:07b0]
[ 13737:07b0]
[ 13752:07b0]
[ 13752:07b0]
yW
[ 13752:07b0]
W
[ 13752:07b0]
ress
[ 13752:07b0]
y
[ 13752:07b0]
yA
[ 13752:07b0]
andleW
[ 13752:07b0]
[ 13752:07b0]
ileW
[ 13752:07b0]
leW
[ 13752:07b0]
ributesW
[ 13752:07b0]
e
[ 13752:07b0]
e
[ 13752:07b0]
fFile
[ 13752:07b0]
W
[ 13752:07b0]
MappingW
[ 13752:07b0]
ile
SetUnhandledExceptionFilter
:LAUNCHER:WRAPPER: C:\WINDOWS\system32\shdocvw.dll -> KERNEL32.dll
LoadLibraryW
GetModuleHandleW
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryExA
CloseHandle
:WRAPPER:LoadLibrary: C:\WINDOWS\system32\shdocvw.dll, handle is 7
:WRAPPER:LoadLibrary: C:\WINDOWS\system32\shdocvw.dll, handle is 7
:DLL_LOADER: fixuping imports of C:\WINDOWS\system32\shdocvw.dll
:WRAPPER:LoadLibrary: SHELL32.dll, handle is 7e6a0000
:WRAPPER:LoadLibrary: OLEAUT32.dll, handle is 770f0000
:WRAPPER:LoadLibrary: ole32.dll, handle is 774b0000
:WRAPPER:LoadLibrary: SHELL32.DLL, handle is 7e6a0000
:WRAPPER:FreeLibrary:7e6a0000, 'C:\WINDOWS\system32\SHELL32.dll'
:WRAPPER:LoadLibrary: WININET.dll, handle is 77180000
:WRAPPER:LoadLibrary: SXS.DLL
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80aedb = LoadLibrar
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80e76c = SearchPath
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80ae30 = GetProcAdd
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80ac6e = FreeLibrar
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c801d7b = LoadLibrar
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80e4cd = GetModuleH
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80ee67 = FindClose
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80ef71 = FindFirstF
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80efca = FindNextFi
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80b7dc = GetFileAtt
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c810b07 = GetFileSiz
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c809bd7 = CloseHandl
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80ba04 = UnmapViewO
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c8107f0 = CreateFile
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c809420 = CreateFile
:LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80b995 = MapViewOfF
[ 13752:07b0] :LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c801812 = ReadFile

[ 13752:07b0] :LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80b731 = GetModuleH
andleA
[ 13752:07b0] :LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c801af5 = LoadLibrar
yExW
[ 13752:07b0] :LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c80b55f = GetModuleF
ileNameA
[ 13752:07b0] :LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c810c1e = SetFilePoi
nter
[ 13752:07b0] :LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c810cfd = GetFileInf
ormationByHandle
[ 13753:07b0] :WRAPPER:LoadLibrary: SXS.DLL, handle is 76980000
[ 13757:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\shdoclc.dll
[ 13757:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\shdoclc.dll, handle is 7
1800000
[ 13758:07b0] :WRAPPER:LoadLibrary: COMCTL32.dll, handle is 773a0000
[ 13759:07b0] :WRAPPER:LoadLibrary: xpsp2res.dll
[ 13759:07b0] :WRAPPER:LoadLibrary: xpsp2res.dll, handle is 05840000
[ 13760:07b0] :WRAPPER:LoadLibrary: URLMON.DLL, handle is 7df20000
[ 13760:07b0] :WRAPPER:FreeLibrary:7df20000, 'C:\WINDOWS\system32\urlmon.dll'
[ 13761:07b0] :WRAPPER:LoadLibrary: OLEAUT32.dll, handle is 770f0000
[ 13761:07b0] :WRAPPER:LoadLibrary: mlang.dll
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> GDI32.dll!0x77f0a005 = AddFontReso
urceA
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c80ba04 = UnmapVie
wOfFile
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c80b995 = MapViewO
fFile
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c8094ee = CreateFi
leMappingA
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c810b07 = GetFileS
ize
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c801a28 = CreateFi
leA
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c8449fd = SetUnhan
dledExceptionFilter
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c80aedb = LoadLibr
aryW
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c80e4cd = GetModul
eHandleW
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c809bd7 = CloseHan
dle
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c80ae30 = GetProcA
ddress
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c80b731 = GetModul
eHandleA
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c801d7b = LoadLibr
aryA
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c80ac6e = FreeLibr
ary
[ 13765:07b0] :LAUNCHER:WRAPPER: mlang.dll -> KERNEL32.dll!0x7c80b55f = GetModul
eFileNameA
[ 13765:07b0] :WRAPPER:LoadLibrary: mlang.dll, handle is 75dd0000
[ 13766:08d0] :WRAPPER:LoadLibrary: WS2_32.dll, handle is 71a30000
[ 13766:07b0] :WRAPPER:LoadLibrary: MLANG.dll, handle is 75dd0000
[ 14047:06f0] :WRAPPER:LoadLibrary: C:\WINDOWS\System32\mswsock.dll, handle is 7
19d0000
[ 14642:07b0] :WRAPPER:CoGetClassObject: {8f6b0360-b80d-11d0-a9b3-006097942311}
[ 14642:07b0] :WRAPPER:CoGetClassObject/RIID: {00000001-0000-0000-c000-000000000

046}
[ 14642:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\urlmon.dll
[ 14643:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\urlmon.dll, handle is 7d
f20000
[ 14643:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\urlmon.dll
[ 14656:07b0] :WRAPPER:CoGetClassObject: {25336920-03f9-11cf-8fd0-00aa00686f13}
046}
[ 14657:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\mshtml.dll
[ 14657:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\mshtml.dll
[ 14658:07b0] :WRAPPER:LoadLibrary: VERSION.dll, handle is 77bd0000
[ 14658:07b0] :WRAPPER:LoadLibrary: C:\Archivos de programa\Microsoft Office\Off
ice12\outllib.dll
[ 14658:07b0] :WRAPPER:LoadLibrary: C:\Archivos de programa\Microsoft Office\Off
ice12\outllib.dll, error 126
[ 14659:07b0] :WRAPPER:FreeLibrary:7e6a0000, 'C:\WINDOWS\system32\SHELL32.dll'
[ 14659:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\mshtml.dll -> KERNEL32.dll!
0x7c80b731 = GetModuleHandleA
0x7c80ba04 = UnmapViewOfFile
0x7c80b995 = MapViewOfFile
0x7c832b6e = GetPrivateProfileStringA
0x7c801d53 = LoadLibraryExA
0x7c80b55f = GetModuleFileNameA
0x7c801812 = ReadFile
0x7c810b07 = GetFileSize
0x7c80ee67 = FindClose
0x7c8217d2 = SearchPathA
0x7c8353e6 = _lread
0x7c8094ee = CreateFileMappingA
0x7c801a28 = CreateFileA
[ 14659:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\mshtml.dll -> ole32.dll!0x7
74e56c5 = CoGetClassObject
[ 14659:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\mshtml.dll -> ole32.dll!0x7

[ 14660:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\mshtml.dll, handle is 7d
be0000
[ 14661:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\mshtml.dll, handle is 7d
be0000
[ 14661:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\mshtml.dll
[ 14665:07b0] :WRAPPER:CoGetClassObject: {3050f406-98b5-11cf-bb82-00aa00bdce0b}
046}
046}
046}
[ 14669:07b0] :WRAPPER:CoGetClassObject: {7b8a2d94-0ac9-11d1-896c-00c04fb6bfc4}
046}
[ 14670:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\urlmon.dll, handle is 7d
f20000
[ 14674:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\shdoclc.dll, handle is 7
1800000
[ 15693:07b0] :WRAPPER:CoCreateInstance: {50d5107a-d278-4871-8989-f4ceaaf59cfc}
[ 15693:07b0] :WRAPPER:CoCreateInstance/RIID: {08c0e040-62d1-11d1-9326-0060b067b
86e}
[ 15693:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\msimtf.dll
[ 15693:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msimtf.dll
[ 15693:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\msimtf.dll -> KERNEL32.dll!
[ 15694:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msimtf.dll, handle is 74
680000
[ 15695:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msimtf.dll, handle is 74
680000
[ 15695:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\msimtf.dll
[ 15696:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\ole32.dll, handle is 774
b0000
[ 15696:07b0] :WRAPPER:CoCreateInstance: {3ce74de4-53d3-4d74-8b83-431b3828ba53}
[ 15696:07b0] :WRAPPER:CoCreateInstance/RIID: {8ded7393-5db1-475c-9e71-a39111b0f
f67}
[ 15696:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\msctf.dll
[ 15697:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msctf.dll, handle is 746

b0000
[ 15697:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\MSCTF.dll
[ 15697:07b0] :WRAPPER:CoCreateInstance: {a4b544a1-438d-4b41-9325-869523e2d6c7}
[ 15697:07b0] :WRAPPER:CoCreateInstance/RIID: {c3acefb5-f69d-4905-938f-fcadcf4be
830}
[ 15697:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\msctf.dll
[ 15698:07b0] :WRAPPER:LoadLibrary: OLEAUT32.DLL, handle is 770f0000
[ 15699:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\ole32.dll, handle is 774
b0000
[ 15699:07b0] :WRAPPER:CoCreateInstance: {fa445657-9379-11d6-b41a-00065b83ee53}
[ 15699:07b0] :WRAPPER:CoCreateInstance/RIID: {aa80e7f7-2021-11d2-93e0-0060b067b
86e}
[ 15700:07b0] :WRAPPER:CoCreateInstance: {f414c260-6ac0-11cf-b6d1-00aa00bbbb58}
[ 15700:07b0] :WRAPPER:CoCreateInstance/RIID: {bb1a2ae1-a4f9-11cf-8f20-00805f2cd
064}
[ 15700:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\jscript.dll
[ 15700:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\jscript.dll
[ 15701:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\jscript.dll -> OLEAUT32.dll
!0x770f9d5a = LoadRegTypeLib
[ 15701:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\jscript.dll -> ole32.dll!0x
774e56c5 = CoGetClassObject
[ 15701:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\jscript.dll -> ole32.dll!0x
[ 15701:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\jscript.dll -> KERNEL32.dll
!0x7c801af5 = LoadLibraryExW
!0x7c80b995 = MapViewOfFile
!0x7c80e4cd = GetModuleHandleW
!0x7c801d53 = LoadLibraryExA
!0x7c80b731 = GetModuleHandleA
!0x7c809420 = CreateFileMappingW
!0x7c8107f0 = CreateFileW
!0x7c80ba04 = UnmapViewOfFile
!0x7c80e76c = SearchPathW
[ 15701:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\jscript.dll, handle is 7
5c00000
[ 15702:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\jscript.dll, handle is 7
5c00000
[ 15702:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\jscript.dll
[ 15702:07b0] :WRAPPER:LoadLibrary: kernel32.dll, handle is 7c800000

[ 15702:07b0] :WRAPPER:FreeLibrary:7c800000, 'C:\WINDOWS\system32\kernel32.dll'
[ 15702:07b0] :WRAPPER:CoCreateInstance: {00000323-0000-0000-c000-000000000046}
046}
[ 15702:07b0] :WRAPPER:CoCreateInstance: {6c736db1-bd94-11d0-8a23-00aa00b58e10}
[ 15702:07b0] :WRAPPER:CoCreateInstance/RIID: {6c736dc1-ab0d-11d0-a2ad-00a0c90f2
7e8}
[ 15704:07b0] :WRAPPER:LoadLibrary: OLE32, handle is 774b0000
[ 15705:0278] :WRAPPER:LoadLibrary: OLE32.DLL, handle is 774b0000
[ 15707:07b0] :WRAPPER:LoadLibrary: mshtml.dll, handle is 7dbe0000
[ 15708:07b0] :WRAPPER:CoGetClassObject: {d27cdb6e-ae6d-11cf-96b8-444553540000}
046}
[ 15708:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\Macromed\Flash\Flash3
2_11_2_202_228.ocx
[ 15709:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\Macromed\Flash\Flash32_1
1_2_202_228.ocx
[ 15711:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\Macromed\Flash\Flash32_11_2
_202_228.ocx -> OLEAUT32.dll!0x770f9d5a = LoadRegTypeLib
[ 15711:07b0] :LAUNCHER:WRAPPER: MSIMG32.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
_202_228.ocx -> KERNEL32.dll!0x7c8115cc = GetFileAttributesA
_202_228.ocx -> KERNEL32.dll!0x7c801d7b = LoadLibraryA
_202_228.ocx -> KERNEL32.dll!0x7c80b55f = GetModuleFileNameA
_202_228.ocx -> KERNEL32.dll!0x7c801af5 = LoadLibraryExW
_202_228.ocx -> KERNEL32.dll!0x7c80ee67 = FindClose
_202_228.ocx -> KERNEL32.dll!0x7c80efca = FindNextFileW
_202_228.ocx -> KERNEL32.dll!0x7c80ef71 = FindFirstFileW
_202_228.ocx -> KERNEL32.dll!0x7c8107f0 = CreateFileW
_202_228.ocx -> KERNEL32.dll!0x7c80b7dc = GetFileAttributesW
_202_228.ocx -> KERNEL32.dll!0x7c801a28 = CreateFileA
_202_228.ocx -> KERNEL32.dll!0x7c810c1e = SetFilePointer
_202_228.ocx -> KERNEL32.dll!0x7c801812 = ReadFile
_202_228.ocx -> KERNEL32.dll!0x7c810b07 = GetFileSize
_202_228.ocx -> KERNEL32.dll!0x7c8449fd = SetUnhandledExceptionFilter
_202_228.ocx -> KERNEL32.dll!0x7c810cfd = GetFileInformationByHandle
_202_228.ocx -> KERNEL32.dll!0x7c80ba04 = UnmapViewOfFile
_202_228.ocx -> KERNEL32.dll!0x7c80b995 = MapViewOfFile
_202_228.ocx -> KERNEL32.dll!0x7c8094ee = CreateFileMappingA
_202_228.ocx -> KERNEL32.dll!0x7c80b731 = GetModuleHandleA

_202_228.ocx -> KERNEL32.dll!0x7c81cafa = ExitProcess
_202_228.ocx -> KERNEL32.dll!0x7c80e4cd = GetModuleHandleW
_202_228.ocx -> KERNEL32.dll!0x7c80ac6e = FreeLibrary
_202_228.ocx -> KERNEL32.dll!0x7c809bd7 = CloseHandle
_202_228.ocx -> KERNEL32.dll!0x7c80aedb = LoadLibraryW
_202_228.ocx -> KERNEL32.dll!0x7c80ae30 = GetProcAddress
_202_228.ocx -> ole32.dll!0x774d057e = CoCreateInstance
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c80aedb = LoadLibr
aryW
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c8449fd = SetUnhan
dledExceptionFilter
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c810c1e = SetFileP
ointer
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c809bd7 = CloseHan
dle
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c80ba04 = UnmapVie
wOfFile
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c80b995 = MapViewO
fFile
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c809420 = CreateFi
leMappingW
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c810b07 = GetFileS
ize
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c8107f0 = CreateFi
leW
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c80b7dc = GetFileA
ttributesW
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c80ac6e = FreeLibr
ary
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c80ae30 = GetProcA
ddress
[ 15711:07b0] :LAUNCHER:WRAPPER: mscms.dll -> KERNEL32.dll!0x7c80e4cd = GetModul
eHandleW
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80ac6e = FreeL
ibrary
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80ae30 = GetPr
ocAddress
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80aedb = LoadL
ibraryW
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c809bd7 = Close
Handle
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c801af5 = LoadL
ibraryExW
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80b7dc = GetFi
leAttributesW
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c8107f0 = Creat
eFileW
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c801d7b = LoadL
ibraryA
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80e4cd = GetMo
duleHandleW
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80e76c = Searc
hPathW
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80ee67 = FindC
lose
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80ef71 = FindF
irstFileW
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c810b07 = GetFi
leSize
[ 15711:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c801812 = ReadF
ile
[ 15712:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c810c1e = SetFi
lePointer
[ 15712:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c8449fd = SetUn
[ 15712:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80b995 = MapVi
ewOfFile
[ 15712:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c80ba04 = Unmap
ViewOfFile
[ 15712:07b0] :LAUNCHER:WRAPPER: WINSPOOL.DRV -> KERNEL32.dll!0x7c809420 = Creat
eFileMappingW
1_2_202_228.ocx, handle is 10000000
1_2_202_228.ocx, handle is 10000000
[ 15713:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\Macromed\Flas
h\Flash32_11_2_202_228.ocx
[ 15714:07b0] :WRAPPER:LoadLibrary: version.dll, handle is 77bd0000
[ 15714:07b0] :WRAPPER:FindFirstFileW \\?\C:\WINDOWS\system32\Macromed\Flash\ss.
sgn
cfg
sgn
[ 15715:07b0] :WRAPPER:FreeLibrary:77bd0000, 'C:\WINDOWS\system32\VERSION.dll'
[ 15718:07b0] :WRAPPER:FindFirstFileW \\?\C:\Documents and Settings\CABINA9\Dato
s de programa\Adobe\Flash Player\AssetCache
s de programa\Adobe\Flash Player\AssetCache\*
[ 15718:07b0] :WRAPPER:LoadLibrary: ieframe.dll
[ 15719:07b0] :WRAPPER:LoadLibrary: ieframe.dll, error 126
[ 15719:07b0] :WRAPPER:CoCreateInstance: {0002e005-0000-0000-c000-000000000046}
[ 15719:07b0] :WRAPPER:CoCreateInstance/RIID: {0002e013-0000-0000-c000-000000000
046}
[ 15719:07b0] :WRAPPER: INPROC SERVER OLE32.DLL
[ 15724:07b0] :WRAPPER:LoadLibrary: oleaut32.dll, handle is 770f0000
[ 15732:07b0] :WRAPPER:LoadLibrary: Kernel32.dll, handle is 7c800000

[ 15777:07b0] :WRAPPER:LoadLibrary: MLANG.dll, handle is 75dd0000
046}
2_11_2_202_228.ocx
sgn
cfg
sgn
[ 15864:07b0] :WRAPPER:Search: C:\WINDOWS\system32\Macromed\Flash\Flash32_11_2_2
02_228.ocx in NULL
046}
2_11_2_202_228.ocx
sgn
cfg
sgn
[ 15869:07b0] :WRAPPER:LoadLibrary: \\?\C:\Documents and Settings\CABINA9\Mis do
cumentos\Downloads\trainer v4\trainer v4.exe, handle is 00400000
[ 15869:07b0] :WRAPPER:FreeLibrary:00400000, 'C:\Documents and Settings\CABINA9\
Mis documentos\Downloads\trainer v4\trainer v4.exe'
[ 15869:07b0] :WRAPPER:LoadLibrary: \\?\C:\Documents and Settings\CABINA9\Mis do
cumentos\Downloads\trainer v4\trainer v4.exe, handle is 00400000
[ 15877:07b0] :WRAPPER:CoCreateInstance: {4fd2a832-86c8-11d0-8fca-00c04fd9189d}
[ 15877:07b0] :WRAPPER:CoCreateInstance/RIID: {4fd2a833-86c8-11d0-8fca-00c04fd91
89d}
[ 15877:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\ddrawex.dll
[ 15882:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\ddrawex.dll
[ 15886:07b0] :LAUNCHER:WRAPPER: DCIMAN32.dll -> KERNEL32.dll!0x7c8449fd = SetUn
[ 15886:07b0] :LAUNCHER:WRAPPER: DCIMAN32.dll -> KERNEL32.dll!0x7c80ae30 = GetPr
ocAddress
[ 15886:07b0] :LAUNCHER:WRAPPER: DCIMAN32.dll -> KERNEL32.dll!0x7c80b731 = GetMo
duleHandleA
[ 15886:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c801a28 = CreateFi
leA
[ 15886:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c801812 = ReadFile
[ 15886:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c810c1e = SetFileP
ointer
[ 15886:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c80b55f = GetModul
eFileNameA
[ 15886:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c8449fd = SetUnhan
dledExceptionFilter
[ 15886:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c809bd7 = CloseHan
dle
[ 15886:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c80ac6e = FreeLibr
ary
[ 15886:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c80ae30 = GetProcA
ddress
[ 15887:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c801d7b = LoadLibr
aryA
[ 15887:07b0] :LAUNCHER:WRAPPER: DDRAW.dll -> KERNEL32.dll!0x7c80b731 = GetModul
eHandleA
[ 15887:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\ddrawex.dll -> KERNEL32.dll
[ 15887:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\ddrawex.dll, handle is 6
d940000
[ 15888:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\ddrawex.dll, handle is 6
d940000
[ 15888:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\ddrawex.dll
[ 15888:07b0] :WRAPPER:LoadLibrary: ddraw.dll, handle is 736e0000
[ 15888:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\DDRAW.dll, handle is 736
e0000
[ 15888:07b0] :WRAPPER:FreeLibrary:736e0000, 'C:\WINDOWS\system32\DDRAW.dll'
[ 15889:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\DDRAW.dll, handle is 736
e0000
[ 15889:07b0] :WRAPPER:FreeLibrary:736e0000, 'C:\WINDOWS\system32\DDRAW.dll'
7043f)
[ 15892:07b0] :BOX: ReadFile 0x0090e0c4 <- 0x40 bytes at 0x0 'TRAINER V4.EXE'
NER V4.EXE'
[ 15892:07b0] :BOX: ReadFile 0x0090dfa8 <- 0xf8 bytes at 0xf8 'TRAINER V4.EXE'
[ 15898:07b0] :WRAPPER:LoadLibrary: Secur32.dll, handle is 77fc0000
[ 15898:07b0] :WRAPPER:LoadLibrary: crypt32.dll, handle is 77a50000
[ 15898:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\schannel.dll
[ 15899:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\schannel.dll -> KERNEL32.dl
l!0x7c80ac6e = FreeLibrary
l!0x7c80aedb = LoadLibraryW
l!0x7c80ae30 = GetProcAddress
l!0x7c809bd7 = CloseHandle
l!0x7c801d7b = LoadLibraryA
[ 15899:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\schannel.dll, handle is
767b0000
s de programa\Macromedia\Flash Player\#SharedObjects
s de programa\Macromedia\Flash Player\#SharedObjects\*
s de programa\Macromedia\Flash Player\#SharedObjects\453B56FV\macromedia.com\sup
port\flashplayer\sys\settings.sol
[ 16392:0898] :WRAPPER:LoadLibrary: ImgUtil.dll
[ 16400:0898] :LAUNCHER:WRAPPER: ImgUtil.dll -> KERNEL32.dll!0x7c8449fd = SetUnh
[ 16400:0898] :LAUNCHER:WRAPPER: ImgUtil.dll -> KERNEL32.dll!0x7c80b55f = GetMod
uleFileNameA
[ 16400:0898] :LAUNCHER:WRAPPER: ImgUtil.dll -> KERNEL32.dll!0x7c80b731 = GetMod
uleHandleA
[ 16400:0898] :LAUNCHER:WRAPPER: ImgUtil.dll -> KERNEL32.dll!0x7c80ae30 = GetPro
cAddress
[ 16400:0898] :LAUNCHER:WRAPPER: ImgUtil.dll -> KERNEL32.dll!0x7c801d7b = LoadLi
braryA
[ 16400:0898] :LAUNCHER:WRAPPER: ImgUtil.dll -> KERNEL32.dll!0x7c80ac6e = FreeLi
brary
[ 16400:0898] :LAUNCHER:WRAPPER: ImgUtil.dll -> ole32.dll!0x774d057e = CoCreateI
nstance
[ 16400:0898] :WRAPPER:LoadLibrary: ImgUtil.dll, handle is 66d30000
[ 16400:0898] :WRAPPER:CoCreateInstance: {30c3b080-30fb-11d0-b724-00aa006c1a01}
[ 16400:0898] :WRAPPER:CoCreateInstance/RIID: {d9e89500-30fa-11d0-b724-00aa006c1
a01}
[ 16400:0898] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\imgutil.dll
[ 16401:0898] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\imgutil.dll, handle is 6
6d30000
[ 16401:0898] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\ImgUtil.dll
[ 16401:0898] :WRAPPER:CoCreateInstance: {6a01fda0-30df-11d0-b724-00aa006c1a01}
[ 16401:0898] :WRAPPER:CoCreateInstance/RIID: {4ef17940-30e0-11d0-b724-00aa006c1
a01}
[ 16401:0898] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\imgutil.dll
[ 16409:0898] :WRAPPER:CoCreateInstance: {a3ccedf7-2de2-11d0-86f4-00a0c913f750}
[ 16409:0898] :WRAPPER:CoCreateInstance/RIID: {a3ccedf3-2de2-11d0-86f4-00a0c913f
750}
[ 16409:0898] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\pngfilt.dll
[ 16409:0898] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\pngfilt.dll
[ 16410:0898] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\pngfilt.dll -> KERNEL32.dll
!0x7c80b731 = GetModuleHandleA
[ 16410:0898] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\pngfilt.dll -> ole32.dll!0x
[ 16410:0898] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\pngfilt.dll, handle is 5
e730000
[ 16411:0898] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\pngfilt.dll, handle is 5
e730000
[ 16411:0898] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\pngfilt.dll
064}
[ 16983:07b0]
7e8}
[ 16984:07b0]
[ 16984:07b0]
[ 17686:0898]
[ 17686:0898]
a01}
[ 17686:0898]
[ 17687:0898]
[ 17687:0898]
a01}
[ 17687:0898]
[ 17687:0898]
[ 17687:0898]
750}
[ 17687:0898]
[ 17803:07b0]
5c00000
[ 17803:07b0]
[ 17810:07b0]
[ 17811:092c]
[ 17811:092c]
[ 17812:092c]
[ 17812:092c]
[ 17812:092c]
[ 17812:092c]
[ 17812:092c]
[ 17812:092c]
[ 18245:0898]
[ 18245:0898]
a01}
[ 18245:0898]
[ 18245:0898]
[ 18245:0898]
a01}
[ 18245:0898]
[ 18245:0898]
[ 18245:0898]
750}
[ 18245:0898]
[ 18687:07b0]
[ 18687:07b0]
064}
[ 18687:07b0]
[ 18687:07b0]
[ 18687:07b0]
[ 18687:07b0]
[ 18687:07b0]
7e8}
[ 18706:07b0]
[ 18707:07b0]
[ 18820:0898]
[ 18821:0898]
a01}
[ 18821:0898]
[ 18821:0898]
[ 18821:0898]
a01}
[ 18821:0898]
[ 18821:0898]
:WRAPPER:CoCreateInstance/RIID: {6c736dc1-ab0d-11d0-a2ad-00a0c90f2
:WRAPPER:LoadLibrary: URLMON.DLL, handle is 7df20000
:WRAPPER:FreeLibrary:7df20000, 'C:\WINDOWS\system32\urlmon.dll'
:WRAPPER:CoCreateInstance: {30c3b080-30fb-11d0-b724-00aa006c1a01}
:WRAPPER:CoCreateInstance/RIID: {d9e89500-30fa-11d0-b724-00aa006c1
:WRAPPER: INPROC SERVER C:\WINDOWS\system32\imgutil.dll
:WRAPPER:CoCreateInstance: {6a01fda0-30df-11d0-b724-00aa006c1a01}
:WRAPPER:CoCreateInstance/RIID: {4ef17940-30e0-11d0-b724-00aa006c1
:WRAPPER:CoCreateInstance: {a3ccedf7-2de2-11d0-86f4-00a0c913f750}
:WRAPPER:CoCreateInstance/RIID: {a3ccedf3-2de2-11d0-86f4-00a0c913f
:WRAPPER: INPROC SERVER C:\WINDOWS\system32\pngfilt.dll
:WRAPPER:LoadLibrary: C:\WINDOWS\system32\jscript.dll, handle is 7
:WRAPPER: Search C:\WINDOWS\system32\jscript.dll in NULL
:WRAPPER:FreeLibrary:75c00000, 'C:\WINDOWS\system32\jscript.dll'
:WRAPPER:LoadLibrary: kernel32.dll, handle is 7c800000
:WRAPPER:LoadLibrary: user32.dll, handle is 7e390000
:WRAPPER:LoadLibrary: shell32.dll, handle is 7e6a0000
:WRAPPER:LoadLibrary: version.dll, handle is 77bd0000
:WRAPPER:FreeLibrary:77bd0000, 'C:\WINDOWS\system32\VERSION.dll'
:WRAPPER:FreeLibrary:7e6a0000, 'C:\WINDOWS\system32\SHELL32.dll'
:WRAPPER:FreeLibrary:7e390000, 'C:\WINDOWS\system32\USER32.dll'
:WRAPPER:FreeLibrary:7c800000, 'C:\WINDOWS\system32\kernel32.dll'
:WRAPPER:CoCreateInstance/RIID: {a3ccedf3-2de2-11d0-86f4-00a0c913f
:WRAPPER: INPROC SERVER C:\WINDOWS\system32\pngfilt.dll
:WRAPPER:CoCreateInstance: {f414c260-6ac0-11cf-b6d1-00aa00bbbb58}
:WRAPPER:CoCreateInstance/RIID: {bb1a2ae1-a4f9-11cf-8f20-00805f2cd
:WRAPPER: INPROC SERVER C:\WINDOWS\system32\jscript.dll
:WRAPPER:LoadLibrary: kernel32.dll, handle is 7c800000
:WRAPPER:FreeLibrary:7c800000, 'C:\WINDOWS\system32\kernel32.dll'
:WRAPPER:CoCreateInstance: {6c736db1-bd94-11d0-8a23-00aa00b58e10}
:WRAPPER:CoCreateInstance/RIID: {6c736dc1-ab0d-11d0-a2ad-00a0c90f2
:WRAPPER:LoadLibrary: USER32.DLL, handle is 7e390000
:WRAPPER:LoadLibrary: UxTheme.dll, handle is 5b150000
[ 18821:0898] :WRAPPER:CoCreateInstance/RIID: {a3ccedf3-2de2-11d0-86f4-00a0c913f

750}
[ 18821:0898] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\pngfilt.dll
[ 25740:07b0] :WRAPPER:LoadLibrary: COMCTL32.dll, handle is 773a0000
[ 26052:07b0] :WRAPPER:CoCreateInstance: {fa445657-9379-11d6-b41a-00065b83ee53}
[ 26052:07b0] :WRAPPER:CoCreateInstance/RIID: {aa80e7f7-2021-11d2-93e0-0060b067b
86e}
[ 26053:07b0] :WRAPPER:CoCreateInstance: {3050f4f5-98b5-11cf-bb82-00aa00bdce0b}
[ 26053:07b0] :WRAPPER:CoCreateInstance/RIID: {3050f7fa-98b5-11cf-bb82-00aa00bdc
e0b}
[ 26053:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\mshtmled.dll
[ 26053:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\mshtmled.dll
[ 26054:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\mshtmled.dll -> KERNEL32.dl
l!0x7c80ac6e = FreeLibrary
l!0x7c809bd7 = CloseHandle
l!0x7c810b07 = GetFileSize
l!0x7c80b55f = GetModuleFileNameA
l!0x7c80ae30 = GetProcAddress
l!0x7c80b731 = GetModuleHandleA
l!0x7c801d7b = LoadLibraryA
l!0x7c801812 = ReadFile
[ 26054:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\mshtmled.dll -> ole32.dll!0
x774d057e = CoCreateInstance
[ 26054:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\mshtmled.dll -> OLEAUT32.dl
l!0x770f9d5a = LoadRegTypeLib
[ 26054:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\mshtmled.dll, handle is
75d50000
[ 26055:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\mshtmled.dll, handle is
75d50000
[ 26055:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\mshtmled.dll
[ 26124:07b0] :WRAPPER:CoGetClassObject: {ed8c108e-4349-11d2-91a4-00c04f7969e8}
046}
[ 26124:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\msxml3.dll
[ 26124:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msxml3.dll
[ 26125:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\msxml3.dll -> KERNEL32.dll!
0x7c801af5 = LoadLibraryExW
0x7c80aedb = LoadLibraryW

0x7c8107f0 = CreateFileW
0x7c801812 = ReadFile
0x7c81cafa = ExitProcess
[ 26125:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\msxml3.dll -> ole32.dll!0x7
[ 26125:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msxml3.dll, handle is 74
910000
[ 26126:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msxml3.dll, handle is 74
910000
[ 26126:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\msxml3.dll
[ 26137:07b0] :WRAPPER:CoCreateInstance: {00000323-0000-0000-c000-000000000046}
046}
[ 26148:07b0] :WRAPPER:CoCreateInstance: {7b8a2d94-0ac9-11d1-896c-00c04fb6bfc4}
[ 26148:07b0] :WRAPPER:CoCreateInstance/RIID: {79eac9ee-baf9-11ce-8c82-00aa004ba
90b}
[ 26150:07b0] :WRAPPER:LoadLibrary: USER32.dll, handle is 7e390000
[ 26158:07b0] :WRAPPER:CoCreateInstance: {275c23e2-3747-11d0-9fea-00aa003f8646}
[ 26158:07b0] :WRAPPER:CoCreateInstance/RIID: {275c23e1-3747-11d0-9fea-00aa003f8
646}
[ 26158:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\mlang.dll
[ 26159:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\mlang.dll, handle is 75d
d0000
[ 26159:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\mlang.dll
[ 26687:07b0] :WRAPPER:LoadLibrary: WINMM.dll, handle is 76b00000
[ 26687:07b0] :WRAPPER: Search C:\WINDOWS\media\Inicio de Windows XP.wav in NULL
[ 26687:07b0]
[ 26687:07b0]
[ 27769:07b0]
[ 27769:07b0]
e0b}
[ 27769:07b0]
[ 27777:07b0]
[ 27784:07b0]
andleW
[ 27784:07b0]
y
[ 27784:07b0]
ress
[ 27784:07b0]
yW
[ 27784:07b0]
yExW
[ 27784:07b0]
e
:WRAPPER:LoadLibrary: URLMON.DLL, handle is 7df20000

:WRAPPER:FreeLibrary:7df20000, 'C:\WINDOWS\system32\urlmon.dll'
:WRAPPER:CoCreateInstance: {81397204-f51a-4571-8d7b-dc030521aabd}
:WRAPPER:CoCreateInstance/RIID: {3050f429-98b5-11cf-bb82-00aa00bdc
:WRAPPER: INPROC SERVER C:\WINDOWS\system32\dxtrans.dll
:WRAPPER:LoadLibrary: C:\WINDOWS\system32\dxtrans.dll
:LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c80e4cd = GetModuleH
:LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c80ac6e = FreeLibrar
:LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c80ae30 = GetProcAdd
:LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c80aedb = LoadLibrar
:LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c801af5 = LoadLibrar
:LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c809bd7 = CloseHandl
[ 27784:07b0] :LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c801812 = ReadFile

[ 27784:07b0] :LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c810b07 = GetFileSiz
e
[ 27784:07b0] :LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c8107f0 = CreateFile
W
[ 27784:07b0] :LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c801d7b = LoadLibrar
yA
[ 27784:07b0] :LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c8449fd = SetUnhandl
edExceptionFilter
[ 27784:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\dxtrans.dll -> KERNEL32.dll
[ 27784:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\dxtrans.dll -> ole32.dll!0x
[ 27784:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\dxtrans.dll -> OLEAUT32.dll
!0x770f9d5a = LoadRegTypeLib
[ 27784:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\dxtrans.dll, handle is 6
c2c0000
[ 27785:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\dxtrans.dll, handle is 6
c2c0000
[ 27785:07b0] :DLL_LOADER: fixuping imports of C:\WINDOWS\system32\dxtrans.dll
[ 27786:07b0] :WRAPPER:CoCreateInstance: {d1fe6762-fc48-11d0-883a-3c8b00c10000}
[ 27786:07b0] :WRAPPER:CoCreateInstance/RIID: {6a950b2b-a971-11d1-81c8-0000f8755
7db}
[ 27786:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\dxtrans.dll
[ 27787:07b0] :WRAPPER:CoCreateInstance: {a7ee7f34-3bd1-427f-9231-f941e9b7e1fe}
[ 27787:07b0] :WRAPPER:CoCreateInstance/RIID: {22b07b33-8bfb-49d4-9b90-0938370c9
019}
[ 27787:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\dxtrans.dll
[ 27838:07b0] :WRAPPER:FreeLibrary:77a50000, 'C:\WINDOWS\system32\CRYPT32.dll'
[ 27838:07b0] :WRAPPER:FreeLibrary:77fc0000, 'C:\WINDOWS\system32\Secur32.dll'
064}
[ 27882:07b0] :WRAPPER:CoCreateInstance/RIID: {6c736dc1-ab0d-11d0-a2ad-00a0c90f2
7e8}
[ 27882:07b0] :WRAPPER:CoCreateInstance: {275c23e2-3747-11d0-9fea-00aa003f8646}
[ 27882:07b0] :WRAPPER:CoCreateInstance/RIID: {275c23e1-3747-11d0-9fea-00aa003f8

646}
[ 27882:07b0] :WRAPPER: INPROC SERVER C:\WINDOWS\system32\mlang.dll
[ 27948:07b0] :WRAPPER:FreeLibrary:7dbe0000, 'C:\WINDOWS\system32\mshtml.dll'
[ 78147:07b0] :WRAPPER:FreeLibrary:4eba0000, 'C:\WINDOWS\WinSxS\x86_Microsoft.Wi
ndows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GDIPlus.dll'
[ 78235:07b0] :WRAPPER:FreeLibrary:5b150000, 'C:\WINDOWS\system32\uxtheme.dll'
[ 78259:07b0] :WRAPPER:FreeLibrary:621f0000, 'C:\WINDOWS\system32\mciqtz32.dll'
[ 78260:07b0] :WRAPPER:FreeLibrary:10000000, 'C:\WINDOWS\system32\Macromed\Flash
\Flash32_11_2_202_228.ocx'
[ 78260:07b0] :WRAPPER:FreeLibrary:6c2c0000, 'C:\WINDOWS\system32\dxtrans.dll'
[ 78260:07b0] :WRAPPER:FreeLibrary:75d50000, 'C:\WINDOWS\system32\mshtmled.dll'
[ 78260:07b0] :WRAPPER:FreeLibrary:770f0000, 'C:\WINDOWS\system32\oleaut32.dll'
[ 78260:07b0] :WRAPPER:SetUnhandledExceptionFilter: 0x00000000
[ 78260:07b0] :BOXMAN:Remove temporary files and objects
[ 78260:07b0] :LAUNCHER:ExitProcess(0x00000000)
[ 78260:07b0] :LAUNCHER: exiting
[ 78261:07b0] :WRAPPER:FreeLibrary:0b010001, '???'
[ 78262:07b0] :WRAPPER:FreeLibrary:770f0000, 'C:\WINDOWS\system32\oleaut32.dll'
[ 78263:07b0] :WRAPPER:FreeLibrary:75dd0000, 'C:\WINDOWS\system32\mlang.dll'
[ 78263:07b0] :WRAPPER:FreeLibrary:76ea0000, 'C:\WINDOWS\system32\RASAPI32.DLL'
[ 78263:07b0] :WRAPPER:FreeLibrary:76e50000, 'C:\WINDOWS\system32\rasman.dll'
[ 78263:07b0] :WRAPPER:FreeLibrary:76e40000, 'C:\WINDOWS\system32\rtutils.dll'
[ 78264:07b0] :WRAPPER:FreeLibrary:5b150000, 'C:\WINDOWS\system32\uxtheme.dll'
[ 78264:07b0] :WRAPPER:FreeLibrary:70e20000, 'C:\WINDOWS\system32\asycfilt.dll'
[ 78265:07b0] :WRAPPER:SetUnhandledExceptionFilter: 0x004f7a36
[ 78265:07b0] :WRAPPER:FreeLibrary:77c40000, 'C:\WINDOWS\system32\msv1_0.dll'
[ 78265:07b0] :WRAPPER:FreeLibrary:767b0000, 'C:\WINDOWS\system32\schannel.dll'
[ 78266:07b0] :WRAPPER:FreeLibrary:00000000, 'C:\Documents

and Settings\CABINA9\

Trainer V4.exe Up

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Trainer V4.exe Up

Caricato da

Copyright:

Formati disponibili

[

0:07b0] :LAUNCHER: START

ADVAPI32.dll -> KERNEL32.dll!0x7c80ac6e = FreeL

GDI32.dll -> KERNEL32.dll!0x7c810c1e = SetFileP

COMCTL32.dll -> KERNEL32.dll!0x7c80ae30 = GetPr

COMDLG32.dll -> KERNEL32.dll!0x7c80ee67 = FindC

x4ff9c 'TRAINER V4.EXE'

[ 114:07b0] :WRAPPER:FindFirstFileExW C:\Documents and Settings\CABINA9\Mis do

[ 145:07b0] :BOX: SetFilePointer(OK): SET 385064(0x5e028)/0x57043f, 0x5f014->0

[ 478:07b0] :BOX: SetFilePointer(OK): SET 774007(0xbcf77)/0x57043f, 0x5e2b7->0

RASAPI32.DLL -> KERNEL32.dll!0x7c801d7b = LoadL

[ 753:07b0] :WRAPPER:LoadLibrary: sensapi.dll

:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0xfd177 'TRAINER V4.E

:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x17c177 'TRAINER V4.

:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x1ed177 'TRAINER V4.

:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x26c177 'TRAINER V4.

:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x2dd177 'TRAINER V4.

:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x35c177 'TRAINER V4.

:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x3cd177 'TRAINER V4.

:BOX: ReadFile 0x022d1ee8 <- 0x1000 bytes at 0x44c177 'TRAINER V4.

:BOX: ReadFile 0x008ff03b <- 0xf000 bytes at 0x4bd177 'TRAINER V4.

IMAGEHLP.dll -> KERNEL32.dll!0x7c80ba04 = Unmap

[ 2266:0ca0] :WRAPPER:LoadLibrary: midimap.dll

[ 2268:07b0] :LAUNCHER:WRAPPER: QUARTZ.dll -> OLEAUT32.dll!0x770f9d5a = LoadReg

[ 2270:07b0] :LAUNCHER:WRAPPER: CLBCATQ.DLL -> OLEAUT32.dll!0x770f9d5a = LoadRe

[ 2349:07b0] :BOX:OpenFile: found 'TRAINER V4.EXE' at 0x6df60, size 5702719(0x5

[ 2385:07b0] :WRAPPER:FreeLibrary:7c910000, 'C:\WINDOWS\system32\ntdll.dll'

[ 9185:07b0] :WRAPPER:FreeLibrary:7c910000, 'C:\WINDOWS\system32\ntdll.dll'

[ 10588:07b0] :LAUNCHER:WRAPPER: GDIPlus.dll -> KERNEL32.dll!0x7c809420 = Create

[ 13752:07b0] :LAUNCHER:WRAPPER: SXS.DLL -> KERNEL32.dll!0x7c801812 = ReadFile

[ 14642:07b0] :WRAPPER:CoGetClassObject/RIID: {00000001-0000-0000-c000-000000000

[ 14659:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\mshtml.dll -> ole32.dll!0x7

[ 15697:07b0] :WRAPPER:LoadLibrary: C:\WINDOWS\system32\msctf.dll, handle is 746

[ 15702:07b0] :WRAPPER:LoadLibrary: kernel32.dll, handle is 7c800000

_202_228.ocx -> KERNEL32.dll!0x7c80b731 = GetModuleHandleA

[ 15732:07b0] :WRAPPER:LoadLibrary: Kernel32.dll, handle is 7c800000

[ 18821:0898] :WRAPPER:CoCreateInstance/RIID: {a3ccedf3-2de2-11d0-86f4-00a0c913f

[ 26125:07b0] :LAUNCHER:WRAPPER: C:\WINDOWS\system32\msxml3.dll -> KERNEL32.dll!

:WRAPPER:LoadLibrary: URLMON.DLL, handle is 7df20000

[ 27784:07b0] :LAUNCHER:WRAPPER: ATL.DLL -> KERNEL32.dll!0x7c801812 = ReadFile

[ 27882:07b0] :WRAPPER:CoCreateInstance/RIID: {275c23e1-3747-11d0-9fea-00aa003f8

[ 78266:07b0] :WRAPPER:FreeLibrary:00000000, 'C:\Documents

Potrebbero piacerti anche